Characters allowed to break double quotes
1
Characters allowed to break double quotes in the action attribute
Created by: p3n7a90n
Created on: Sunday, June 30, 2024 at 12:02:09 PM
Updated on: Wednesday, December 11, 2024 at 8:38:37 PM
Vector type: XSS
Vector charset: UTF-8
Template used:
<form id="test" action="aaa$[chr]onsubmit=alert(1)><input/type='submit'>
Code used after fuzz:
var form = document.getElementById("test");
if (typeof form.onsubmit === 'function') {
log(String.fromCharCode($[i]))
}
Your browser was detected as:
Detecting... Detecting... Detecting... Detecting...
Sample payloads
<form id="test" action="aaa onsubmit=alert(1)><input/type='submit'>
Fuzz results
Chrome 122.0.0.0 desktop macOS 10.15.7
Updated
Sun Jun 30 2024
Found 1 result
Loading...