Valid characters before domain 1

Import from old 1

Created by: avlidienbrunn

Created on: Wednesday, April 10, 2024 at 8:21:32 AM

Updated on: Thursday, November 21, 2024 at 7:38:20 AM

Vector type: XSS

Vector charset: UTF-8

Template used:
<a href="https://$[chr]example.com/" id="test$[i]"></a>

Code used after fuzz:
if(document.getElementById("test$[i]").host=="example.com"){log($[i])}

Your browser was detected as:

Detecting... Detecting... Detecting... Detecting...

Sample payloads

<a href="https:// example.com/" id="test9"></a>

<a href="https://
example.com/" id="test10"></a>

<a href="https://
example.com/" id="test13"></a>

<a href="https:///example.com/" id="test47"></a><a href="https://@example.com/" id="test64"></a><a href="https://\example.com/" id="test92"></a><a href="https://example.com/" id="test173"></a><a href="https://͏example.com/" id="test847"></a><a href="https://᠋example.com/" id="test6155"></a><a href="https://᠌example.com/" id="test6156"></a><a href="https://᠍example.com/" id="test6157"></a><a href="https://᠏example.com/" id="test6159"></a><a href="https://example.com/" id="test8203"></a><a href="https://⁠example.com/" id="test8288"></a><a href="https://⁤example.com/" id="test8292"></a><a href="https://︀example.com/" id="test65024"></a><a href="https://︁example.com/" id="test65025"></a><a href="https://︂example.com/" id="test65026"></a><a href="https://︃example.com/" id="test65027"></a><a href="https://︄example.com/" id="test65028"></a>

Fuzz results

Firefox 124.0 Unknown Unknown

Updated

Sun Apr 14 2024

Found 32 results

Show differences only?

Filter out alphanumeric

Sort ascending

Safari 17.4 Unknown Unknown

Updated

Sun Apr 14 2024

Found 32 results

Show differences only?

Filter out alphanumeric

Sort ascending

Chrome 123.0.6312.52 Unknown Unknown

Updated

Sun Apr 14 2024

Found 32 results

Show differences only?

Filter out alphanumeric

Sort ascending