Characters that can break out of an inline style with double quotes
Characters that can break out of an inline style with double quotes
Created by: 0xdef1ant
Created on: Saturday, July 13, 2024 at 7:33:48 PM
Updated on: Tuesday, August 13, 2024 at 10:50:04 AM
Vector type: XSS
Template used:
<div id="test" style="$[chr]onload="alert(1)">hello</div>
Code used after fuzz:
let a = document.getElementById("test");
if (typeof a.onload === 'function') {
log(String.fromCharCode($[i]))
}Your browser was detected as:
Detecting... Detecting... Detecting... Detecting...
Sample payloads
<div id="test" style="�onload="alert(1)">hello</div>
Fuzz results
Chrome 124.0.0.0 desktop macOS 10.15.7
Found 1 result
| Data |
|---|
| " |