Characters that can break out of an inline style with single quotes

Created by: 0xdef1ant

Created on: Saturday, July 13, 2024 at 7:37:50 PM

Updated on: Tuesday, May 27, 2025 at 8:15:32 AM

Category: CSS Parsing

Vector visibility: Public

Vector type: XSS

Vector charset: UTF-8

Template used:

<div id="test" style='$[chr]onload="alert(1)">hello</div>

Code used after fuzz:

let a = document.getElementById("test");0x0D
if (typeof a.onload === 'function') {0x0D
log(String.fromCharCode($[i]))0x0D
  }

Your browser was detected as:

Detecting... Detecting... Detecting... Detecting...

Sample payloads

<div id="test" style='0x00onload="alert(1)">hello</div>

Chrome 144.0.0.0 desktop Windows NT 10.0

Updated

Sun Jan 25 2026

Found 1 result

Show differences only?

Filter out alphanumeric

Sort ascending

Chrome 124.0.0.0 desktop macOS 10.15.7older version

Updated

Sat Jul 13 2024

Found 1 result

Show differences only?

Filter out alphanumeric

Sort ascending

Firefox 145.0 desktop Windows NT 10.0

Updated

Sat Nov 15 2025

Found 1 result

Show differences only?

Filter out alphanumeric

Sort ascending