Entities still parsed in uppercase

This vector transforms each entity into uppercase and checks if it is still rendered.

Shazzer Elite

Created byhackvertor

Created Jul 2, 2024

Updated May 27, 2025

Detecting browser...

CategoryEntity Parsing

VisibilityPublic

TypeJS

CharsetUTF-8

$[data1] placeholderhtml_entities

Code used before fuzz:

const div = document.createElement('div');

Template used:

let entity = '$[data1]'.toUpperCase();0x0D
div.innerHTML= entity;0x0D
if(!div.innerText.includes(entity) && entity !== '$[data1]') {0x0D
   log(entity);0x0D
}

Sample payloads

let entity = '&AMP;'.toUpperCase();0x0D
div.innerHTML= entity;0x0D
if(!div.innerText.includes(entity) && entity !== '&AMP;') {0x0D
   alert(entity);0x0D
}

let entity = '&COPY;'.toUpperCase();0x0D
div.innerHTML= entity;0x0D
if(!div.innerText.includes(entity) && entity !== '&COPY;') {0x0D
   alert(entity);0x0D
}

let entity = '&COPYSR;'.toUpperCase();0x0D
div.innerHTML= entity;0x0D
if(!div.innerText.includes(entity) && entity !== '&COPYSR;') {0x0D
   alert(entity);0x0D
}

let entity = '&DD;'.toUpperCase();0x0D
div.innerHTML= entity;0x0D
if(!div.innerText.includes(entity) && entity !== '&DD;') {0x0D
   alert(entity);0x0D
}

let entity = '&ENG;'.toUpperCase();0x0D
div.innerHTML= entity;0x0D
if(!div.innerText.includes(entity) && entity !== '&ENG;') {0x0D
   alert(entity);0x0D
}

let entity = '&ETH;'.toUpperCase();0x0D
div.innerHTML= entity;0x0D
if(!div.innerText.includes(entity) && entity !== '&ETH;') {0x0D
   alert(entity);0x0D
}

let entity = '&GTCC;'.toUpperCase();0x0D
div.innerHTML= entity;0x0D
if(!div.innerText.includes(entity) && entity !== '&GTCC;') {0x0D
   alert(entity);0x0D
}

let entity = '&GTCIR;'.toUpperCase();0x0D
div.innerHTML= entity;0x0D
if(!div.innerText.includes(entity) && entity !== '&GTCIR;') {0x0D
   alert(entity);0x0D
}

let entity = '&GT;'.toUpperCase();0x0D
div.innerHTML= entity;0x0D
if(!div.innerText.includes(entity) && entity !== '&GT;') {0x0D
   alert(entity);0x0D
}

let entity = '&GTDOT;'.toUpperCase();0x0D
div.innerHTML= entity;0x0D
if(!div.innerText.includes(entity) && entity !== '&GTDOT;') {0x0D
   alert(entity);0x0D
}

let entity = '&GTLPAR;'.toUpperCase();0x0D
div.innerHTML= entity;0x0D
if(!div.innerText.includes(entity) && entity !== '&GTLPAR;') {0x0D
   alert(entity);0x0D
}

let entity = '&GTQUEST;'.toUpperCase();0x0D
div.innerHTML= entity;0x0D
if(!div.innerText.includes(entity) && entity !== '&GTQUEST;') {0x0D
   alert(entity);0x0D
}

let entity = '&GTRAPPROX;'.toUpperCase();0x0D
div.innerHTML= entity;0x0D
if(!div.innerText.includes(entity) && entity !== '&GTRAPPROX;') {0x0D
   alert(entity);0x0D
}

let entity = '&GTRARR;'.toUpperCase();0x0D
div.innerHTML= entity;0x0D
if(!div.innerText.includes(entity) && entity !== '&GTRARR;') {0x0D
   alert(entity);0x0D
}

let entity = '&GTRDOT;'.toUpperCase();0x0D
div.innerHTML= entity;0x0D
if(!div.innerText.includes(entity) && entity !== '&GTRDOT;') {0x0D
   alert(entity);0x0D
}

let entity = '&GTREQLESS;'.toUpperCase();0x0D
div.innerHTML= entity;0x0D
if(!div.innerText.includes(entity) && entity !== '&GTREQLESS;') {0x0D
   alert(entity);0x0D
}

let entity = '&GTREQQLESS;'.toUpperCase();0x0D
div.innerHTML= entity;0x0D
if(!div.innerText.includes(entity) && entity !== '&GTREQQLESS;') {0x0D
   alert(entity);0x0D
}

let entity = '&GTRLESS;'.toUpperCase();0x0D
div.innerHTML= entity;0x0D
if(!div.innerText.includes(entity) && entity !== '&GTRLESS;') {0x0D
   alert(entity);0x0D
}

let entity = '&GTRSIM;'.toUpperCase();0x0D
div.innerHTML= entity;0x0D
if(!div.innerText.includes(entity) && entity !== '&GTRSIM;') {0x0D
   alert(entity);0x0D
}

let entity = '&LTCC;'.toUpperCase();0x0D
div.innerHTML= entity;0x0D
if(!div.innerText.includes(entity) && entity !== '&LTCC;') {0x0D
   alert(entity);0x0D
}

Distributed Fuzzing

Entities still parsed in uppercase

Sample payloads

Fuzz results