Active formatting elements
Find "active formatting elements" that get duplicated in case of wrongly nested tags
Created by: JorianWoltjer
Created on: Wednesday, May 1, 2024 at 1:48:59 PM
Updated on: Wednesday, July 3, 2024 at 3:56:34 PM
Vector type: XSS
Template used:
<p><$[data1] class="class">a<p>b</p>c</$[data1]></p>
Code used after fuzz:
if (document.getElementsByClassName("class").length > 1) log('$[data1]')Your browser was detected as:
Detecting... Detecting... Detecting... Detecting...
Sample payloads
<p><a class="class">a<p>b</p>c</a></p>
<p><b class="class">a<p>b</p>c</b></p>
<p><big class="class">a<p>b</p>c</big></p>
<p><code class="class">a<p>b</p>c</code></p>
<p><em class="class">a<p>b</p>c</em></p>
<p><font class="class">a<p>b</p>c</font></p>
<p><i class="class">a<p>b</p>c</i></p>
<p><nobr class="class">a<p>b</p>c</nobr></p>
<p><s class="class">a<p>b</p>c</s></p>
<p><small class="class">a<p>b</p>c</small></p>
<p><strike class="class">a<p>b</p>c</strike></p>
<p><strong class="class">a<p>b</p>c</strong></p>
<p><tt class="class">a<p>b</p>c</tt></p>
<p><u class="class">a<p>b</p>c</u></p>
Fuzz results
Chrome 124.0.0.0 Unknown Unknown
Found 14 results
| Data |
|---|
| a |
| Data |
|---|
| b |
| Data |
|---|
| big |
| Data |
|---|
| code |
| Data |
|---|
| em |
| Data |
|---|
| font |
| Data |
|---|
| i |
| Data |
|---|
| nobr |
| Data |
|---|
| s |
| Data |
|---|
| small |
| Data |
|---|
| strike |
| Data |
|---|
| strong |
| Data |
|---|
| tt |
| Data |
|---|
| u |