Characters ending XML Processing Instructions (WIP)

Characters ending XML Processing Instructions tags, ? replacement.

Created byola456

Created Feb 4, 2025

Updated May 28, 2025

Detecting browser...

CategoryHTML Parsing

VisibilityPublic

TypeXSS

CharsetUTF-8

Template used:

<!-- This vector causes Firefox to hang please fix-->
<!--
<iframe src='data:application/xml,<?xml version="1.0" encoding="UTF-8"$[chr]><x:script xmlns:x="http://www.w3.org/1999/xhtml">window.parent.postMessage("$[chr]","*")</x:script>'></iframe>
<script>
  window.addEventListener('message', e => console.log(e.data));
</script>
-->

Sample payloads

<!-- This vector causes Firefox to hang please fix-->
<!--
<iframe src='data:application/xml,<?xml version="1.0" encoding="UTF-8"0x00><x:script xmlns:x="http://www.w3.org/1999/xhtml">window.parent.postMessage("0x00","*")</x:script>'></iframe>
<script>
  window.addEventListener('message', e => console.alert(e.data));
</script>
-->

Fuzz results

Chrome 144.0.0.0 desktop Windows NT 10.0

Updated

Sun Jan 25 2026

Found 1 result

Show differences only?

Filter out alphanumeric

Sort ascending

Firefox 147.0 desktop Linux

Updated

Sun Feb 01 2026

Found 1 result

Show differences only?

Filter out alphanumeric

Sort ascending

Microsoft Edge 144.0.0.0 desktop Windows NT 10.0

Updated

Fri Jan 30 2026

Found 1 result

Show differences only?

Filter out alphanumeric

Sort ascending

Characters ending XML Processing Instructions (WIP)

Sample payloads

Fuzz results

Distributed Fuzzing