Entities allowed between two forward slashes
Quick check what entities is allowed between two slashes in regards to a protocol "//"
Created by: InsertScript
Created on: Thursday, September 19, 2024 at 10:55:21 AM
Updated on: Thursday, September 19, 2024 at 10:55:21 AM
Vector type: XSS
Template used:
<a href="/$[data1]/test.com/" id=x></a>
Code used after fuzz:
if(x.host == "test.com")log('$[data1]')Your browser was detected as:
Detecting... Detecting... Detecting... Detecting...
Sample payloads
<a href="/\/test.com/" id=x></a>
<a href="/
/test.com/" id=x></a>
<a href="///test.com/" id=x></a>
<a href="/	/test.com/" id=x></a>
Fuzz results
Chrome 131.0.0.0 desktop Windows NT 10.0
Found 4 results
| Data |
|---|
| \ |
| Data |
|---|
| 
 |
| Data |
|---|
| / |
| Data |
|---|
| 	 |