Characters ending XML Processing Instructions (WIP)

Characters ending XML Processing Instructions tags, ? replacement.

Created byola456

Created Feb 4, 2025

Updated May 28, 2025

Detecting browser...

CategoryHTML Parsing

VisibilityPublic

TypeXSS

CharsetUTF-8

Template used:

<!-- This vector causes Firefox to hang please fix-->
<!--
<iframe src='data:application/xml,<?xml version="1.0" encoding="UTF-8"$[chr]><x:script xmlns:x="http://www.w3.org/1999/xhtml">window.parent.postMessage("$[chr]","*")</x:script>'></iframe>
<script>
  window.addEventListener('message', e => console.log(e.data));
</script>
-->

Fuzz results

Chrome 145.0.0.0 desktop Windows NT 10.0

Updated16 Feb 2026

Found 1 result

Show differences only?

Filter out alphanumeric

Sort ascending

Firefox 148.0 desktop Windows NT 10.0

Updated23 Feb 2026

Found 1 result

Show differences only?

Filter out alphanumeric

Sort ascending

Microsoft Edge 145.0.0.0 desktop Windows NT 10.0

Updated18 Feb 2026

Found 1 result

Show differences only?

Filter out alphanumeric

Sort ascending

Characters ending XML Processing Instructions (WIP)

Fuzz results

Distributed Fuzzing