Entities still parsed in uppercase

This vector transforms each entity into uppercase and checks if it is still rendered.

Created by: hackvertor

Created on: Tuesday, July 2, 2024 at 5:15:34 PM

Updated on: Tuesday, August 20, 2024 at 1:16:11 PM

Vector type: JS

Code used before fuzz:
const div = document.createElement('div');

Template used:

let entity = '$[data1]'.toUpperCase();
div.innerHTML= entity;
if(!div.innerText.includes(entity) && entity !== '$[data1]') {
   log(entity);
}

Your browser was detected as:

Detecting... Detecting... Detecting... Detecting...

Sample payloads

let entity = '&AMP;'.toUpperCase();
div.innerHTML= entity;
if(!div.innerText.includes(entity) && entity !== '&AMP;') {
   alert(entity);
}

let entity = '&COPY;'.toUpperCase();
div.innerHTML= entity;
if(!div.innerText.includes(entity) && entity !== '&COPY;') {
   alert(entity);
}

let entity = '&COPYSR;'.toUpperCase();
div.innerHTML= entity;
if(!div.innerText.includes(entity) && entity !== '&COPYSR;') {
   alert(entity);
}

let entity = '&DD;'.toUpperCase();
div.innerHTML= entity;
if(!div.innerText.includes(entity) && entity !== '&DD;') {
   alert(entity);
}

let entity = '&ENG;'.toUpperCase();
div.innerHTML= entity;
if(!div.innerText.includes(entity) && entity !== '&ENG;') {
   alert(entity);
}

let entity = '&ETH;'.toUpperCase();
div.innerHTML= entity;
if(!div.innerText.includes(entity) && entity !== '&ETH;') {
   alert(entity);
}

let entity = '&GTCC;'.toUpperCase();
div.innerHTML= entity;
if(!div.innerText.includes(entity) && entity !== '&GTCC;') {
   alert(entity);
}

let entity = '&GTCIR;'.toUpperCase();
div.innerHTML= entity;
if(!div.innerText.includes(entity) && entity !== '&GTCIR;') {
   alert(entity);
}

let entity = '&GT;'.toUpperCase();
div.innerHTML= entity;
if(!div.innerText.includes(entity) && entity !== '&GT;') {
   alert(entity);
}

let entity = '&GTDOT;'.toUpperCase();
div.innerHTML= entity;
if(!div.innerText.includes(entity) && entity !== '&GTDOT;') {
   alert(entity);
}

let entity = '&GTLPAR;'.toUpperCase();
div.innerHTML= entity;
if(!div.innerText.includes(entity) && entity !== '&GTLPAR;') {
   alert(entity);
}

let entity = '&GTQUEST;'.toUpperCase();
div.innerHTML= entity;
if(!div.innerText.includes(entity) && entity !== '&GTQUEST;') {
   alert(entity);
}

let entity = '&GTRAPPROX;'.toUpperCase();
div.innerHTML= entity;
if(!div.innerText.includes(entity) && entity !== '&GTRAPPROX;') {
   alert(entity);
}

let entity = '&GTRARR;'.toUpperCase();
div.innerHTML= entity;
if(!div.innerText.includes(entity) && entity !== '&GTRARR;') {
   alert(entity);
}

let entity = '&GTRDOT;'.toUpperCase();
div.innerHTML= entity;
if(!div.innerText.includes(entity) && entity !== '&GTRDOT;') {
   alert(entity);
}

let entity = '&GTREQLESS;'.toUpperCase();
div.innerHTML= entity;
if(!div.innerText.includes(entity) && entity !== '&GTREQLESS;') {
   alert(entity);
}

let entity = '&GTREQQLESS;'.toUpperCase();
div.innerHTML= entity;
if(!div.innerText.includes(entity) && entity !== '&GTREQQLESS;') {
   alert(entity);
}

let entity = '&GTRLESS;'.toUpperCase();
div.innerHTML= entity;
if(!div.innerText.includes(entity) && entity !== '&GTRLESS;') {
   alert(entity);
}

let entity = '&GTRSIM;'.toUpperCase();
div.innerHTML= entity;
if(!div.innerText.includes(entity) && entity !== '&GTRSIM;') {
   alert(entity);
}

let entity = '&LTCC;'.toUpperCase();
div.innerHTML= entity;
if(!div.innerText.includes(entity) && entity !== '&LTCC;') {
   alert(entity);
}

Fuzz results

Safari 17.5 mobile iOS 17.5.1

Updated

Tue Jul 02 2024

Found 35 results

Show differences only?

Filter out alphanumeric

Sort ascending

Data
&AMP;

Data
&COPY;

Data
&COPYSR;

Data
&DD;

Data
&ENG;

Data
Ð

Data
&GT;

Data
&GTCC;

Data
&GTCIR;

Data
&GTDOT;

Data
&GTLPAR;

Data
&GTQUEST;

Data
&GTRAPPROX;

Data
&GTRARR;

Data
&GTRDOT;

Data
&GTREQLESS;

Data
&GTREQQLESS;

Data
&GTRLESS;

Data
&GTRSIM;

Data
&LT;

Data
&LTCC;

Data
&LTCIR;

Data
&LTDOT;

Data
&LTHREE;

Data
&LTIMES;

Data
&LTLARR;

Data
&LTQUEST;

Data
&LTRI;

Data
&LTRIE;

Data
&LTRIF;

Data
&LTRPAR;

Data
&QUOT;

Data
&REG;

Data
Þ

Data
&TRADE;

Chrome 126.0.0.0 desktop macOS 10.15.7

Updated

Tue Jul 02 2024

Found 35 results

Show differences only?

Filter out alphanumeric

Sort ascending

Data
&AMP;

Data
&COPY;

Data
&COPYSR;

Data
&DD;

Data
&ENG;

Data
Ð

Data
&GT;

Data
&GTCC;

Data
&GTCIR;

Data
&GTDOT;

Data
&GTLPAR;

Data
&GTQUEST;

Data
&GTRAPPROX;

Data
&GTRARR;

Data
&GTRDOT;

Data
&GTREQLESS;

Data
&GTREQQLESS;

Data
&GTRLESS;

Data
&GTRSIM;

Data
&LT;

Data
&LTCC;

Data
&LTCIR;

Data
&LTDOT;

Data
&LTHREE;

Data
&LTIMES;

Data
&LTLARR;

Data
&LTQUEST;

Data
&LTRI;

Data
&LTRIE;

Data
&LTRIF;

Data
&LTRPAR;

Data
&QUOT;

Data
&REG;

Data
Þ

Data
&TRADE;

Safari 17.4 desktop macOS 10.15.7

Updated

Tue Jul 02 2024

Found 35 results

Show differences only?

Filter out alphanumeric

Sort ascending

Data
&AMP;

Data
&COPY;

Data
&COPYSR;

Data
&DD;

Data
&ENG;

Data
Ð

Data
&GT;

Data
&GTCC;

Data
&GTCIR;

Data
&GTDOT;

Data
&GTLPAR;

Data
&GTQUEST;

Data
&GTRAPPROX;

Data
&GTRARR;

Data
&GTRDOT;

Data
&GTREQLESS;

Data
&GTREQQLESS;

Data
&GTRLESS;

Data
&GTRSIM;

Data
&LT;

Data
&LTCC;

Data
&LTCIR;

Data
&LTDOT;

Data
&LTHREE;

Data
&LTIMES;

Data
&LTLARR;

Data
&LTQUEST;

Data
&LTRI;

Data
&LTRIE;

Data
&LTRIF;

Data
&LTRPAR;

Data
&QUOT;

Data
&REG;

Data
Þ

Data
&TRADE;

Firefox 127.0 desktop macOS 10.15

Updated

Tue Jul 02 2024

Found 35 results

Show differences only?

Filter out alphanumeric

Sort ascending

Data
&AMP;

Data
&COPY;

Data
&COPYSR;

Data
&DD;

Data
&ENG;

Data
Ð

Data
&GT;

Data
&GTCC;

Data
&GTCIR;

Data
&GTDOT;

Data
&GTLPAR;

Data
&GTQUEST;

Data
&GTRAPPROX;

Data
&GTRARR;

Data
&GTRDOT;

Data
&GTREQLESS;

Data
&GTREQQLESS;

Data
&GTRLESS;

Data
&GTRSIM;

Data
&LT;

Data
&LTCC;

Data
&LTCIR;

Data
&LTDOT;

Data
&LTHREE;

Data
&LTIMES;

Data
&LTLARR;

Data
&LTQUEST;

Data
&LTRI;

Data
&LTRIE;

Data
&LTRIF;

Data
&LTRPAR;

Data
&QUOT;

Data
&REG;

Data
Þ

Data
&TRADE;