Characters ending XML Processing Instructions (WIP)

Characters ending XML Processing Instructions tags, ? replacement.

Created byola456

Created Feb 4, 2025

Updated May 28, 2025

Detecting browser...

CategoryHTML Parsing

VisibilityPublic

TypeXSS

CharsetUTF-8

Template used:

<!-- This vector causes Firefox to hang please fix-->
<!--
<iframe src='data:application/xml,<?xml version="1.0" encoding="UTF-8"$[chr]><x:script xmlns:x="http://www.w3.org/1999/xhtml">window.parent.postMessage("$[chr]","*")</x:script>'></iframe>
<script>
  window.addEventListener('message', e => console.log(e.data));
</script>
-->

Characters ending XML Processing Instructions (WIP)

Characters ending XML Processing Instructions tags, ? replacement.

Created byola456

Created Feb 4, 2025

Updated May 28, 2025

Detecting browser...

CategoryHTML Parsing

VisibilityPublic

TypeXSS

CharsetUTF-8

Template used:

<!-- This vector causes Firefox to hang please fix-->
<!--
<iframe src='data:application/xml,<?xml version="1.0" encoding="UTF-8"$[chr]><x:script xmlns:x="http://www.w3.org/1999/xhtml">window.parent.postMessage("$[chr]","*")</x:script>'></iframe>
<script>
  window.addEventListener('message', e => console.log(e.data));
</script>
-->

Characters ending XML Processing Instructions (WIP)

Fuzz results

Characters ending XML Processing Instructions (WIP)

Fuzz results

Distributed Fuzzing

Characters ending XML Processing Instructions (WIP)

Fuzz results

Characters ending XML Processing Instructions (WIP)

Fuzz results