Characters that can break out of an inline style with single quotes
Characters that can break out of an inline style with single quotes
Created by: 0xdef1ant
Created on: Saturday, July 13, 2024 at 7:37:50 PM
Updated on: Tuesday, August 20, 2024 at 12:22:48 PM
Vector type: XSS
Template used:
<div id="test" style='$[chr]onload="alert(1)">hello</div>
Code used after fuzz:
let a = document.getElementById("test");
if (typeof a.onload === 'function') {
log(String.fromCharCode($[i]))
}Your browser was detected as:
Detecting... Detecting... Detecting... Detecting...
Sample payloads
<div id="test" style='�onload="alert(1)">hello</div>
Fuzz results
Chrome 124.0.0.0 desktop macOS 10.15.7
Found 1 result
| Data |
|---|
| ' |