Active formatting elements
14
14
14Find "active formatting elements" that get duplicated in case of wrongly nested tags
Created byJorianWoltjer
Created May 1, 2024
Updated May 27, 2025
Detecting browser...
CategoryHTML Parsing
VisibilityPublic
TypeXSS
CharsetUTF-8
$[data1] placeholderhtml
Template used:
<p><$[data1] class="class">a<p>b</p>c</$[data1]></p>Code used after fuzz:
if (document.getElementsByClassName("class").length > 1) log('$[data1]')Sample payloads
<p><a class="class">a<p>b</p>c</a></p><p><b class="class">a<p>b</p>c</b></p><p><big class="class">a<p>b</p>c</big></p><p><code class="class">a<p>b</p>c</code></p><p><em class="class">a<p>b</p>c</em></p><p><font class="class">a<p>b</p>c</font></p><p><i class="class">a<p>b</p>c</i></p><p><nobr class="class">a<p>b</p>c</nobr></p><p><s class="class">a<p>b</p>c</s></p><p><small class="class">a<p>b</p>c</small></p><p><strike class="class">a<p>b</p>c</strike></p><p><strong class="class">a<p>b</p>c</strong></p><p><tt class="class">a<p>b</p>c</tt></p><p><u class="class">a<p>b</p>c</u></p>Fuzz results
Chrome 144.0.0.0 mobile Android 10
Updated
Sat Jan 31 2026
Found 14 results
Loading...
Chrome 143.0.0.0 desktop Windows NT 10.0older version
Updated
Sat Jan 31 2026
Found 14 results
Loading...
Chrome 143.0.0.0 desktop macOS 10.15.7older version
Updated
Wed Jan 28 2026
Found 14 results
Loading...
Chrome 124.0.0.0 Unknown Unknownolder version
Updated
Thu May 02 2024
Found 14 results
Loading...
Firefox 147.0 desktop Linux
Updated
Sun Feb 01 2026
Found 14 results
Loading...
Microsoft Edge 144.0.0.0 desktop Windows NT 10.0
Updated
Sat Jan 31 2026
Found 14 results
Loading...