Tags that HTML encode it's contents

2

2

2

This enumerates through all HTML tags and checks if the span gets HTML encoded.

Created by: hackvertor

Created on: Tuesday, July 16, 2024 at 7:49:10 PM

Updated on: Tuesday, April 1, 2025 at 7:27:52 AM

Vector type: XSS

Vector charset: UTF-8

Vector data 1: html

Template used:
<$[data1] id=x><span></span></$[data1]>

Code used after fuzz:
x.innerHTML.includes('<') && log('$[data1]')

Your browser was detected as:

Detecting... Detecting... Detecting... Detecting...

Sample payloads

<textarea id=x><span></span></textarea><title id=x><span></span></title>

Fuzz results

Chrome 126.0.0.0 desktop macOS 10.15.7

Updated

Tue Jul 16 2024

Found 2 results

Show differences only?

Filter out alphanumeric

Sort ascending

Loading...

Firefox 128.0 desktop macOS 10.15

Updated

Tue Jul 16 2024

Found 2 results

Show differences only?

Filter out alphanumeric

Sort ascending

Loading...

Safari 17.4 desktop macOS 10.15.7

Updated

Tue Jul 16 2024

Found 2 results

Show differences only?

Filter out alphanumeric

Sort ascending

Loading...