Fuzzing for Max sanitized input (simplified)
Simplified test for Max (https://discord.com/channels/1110206757227216916/1168685918920638614/1358614602153201736)
Created by: vitorfhc
Created on: Monday, April 7, 2025 at 11:26:32 AM
Updated on: Wednesday, May 28, 2025 at 5:06:20 PM
Category: HTML Parsing
Vector visibility: Public
Vector type: XSS
Vector charset: UTF-8
Code used before fuzz:
<script>
window.onerror=x=>true;
</script>
<base href="https://example.com" />
Template used:
<a id=x></a>
Code used after fuzz:
const mw = /^(?!javascript:)/i;
function nu(e) {
return (e = String(e)).match(mw) ? e : "unsafe:" + e
}
const t = nu(`${String.fromCodePoint($[i])}javascript:alert(1)`);
x.href = t
x.protocol === 'javascript:' && log($[i])
Sample payloads
<a id=x></a>
Fuzz results
Chrome 136.0.0.0 desktop Windows NT 10.0
Updated: Tue May 27 2025
Found 33 results
Chrome 141.0.0.0 desktop macOS 10.15.7
Updated: Fri Oct 24 2025
Found 33 results
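Added example, not part of the original vector: the page's regex sanitizer nu next to a check that decides on the parsed protocol, plus an offline re-run of the fuzz loop in Node that uses the WHATWG URL parser (new URL(href, base)) in place of the x.href assignment. The resolvedProtocol helper, the nuSafe allowlist and the 0..0xFFFF scan range are assumptions; the base URL and payload follow the page.

```javascript
// Constructed to mirror the page: <base href="https://example.com"> and the
// `${char}javascript:alert(1)` payload fed to the sanitizer.
const BASE = "https://example.com";

// The page's regex-based sanitizer: only rejects a literal "javascript:" prefix
// on the raw string, before the browser has normalised it.
const mw = /^(?!javascript:)/i;
function nu(e) {
  return (e = String(e)).match(mw) ? e : "unsafe:" + e;
}

// Protocol a browser would actually use for this href (assumed helper).
// The WHATWG URL parser strips leading C0 controls and space (U+0000..U+0020)
// and removes tab/newline anywhere before it reads the scheme, so a prefixed
// "javascript:" can survive the regex yet still resolve to javascript:.
function resolvedProtocol(href, base = BASE) {
  try {
    return new URL(href, base).protocol;
  } catch {
    return null; // unparsable: nothing would be navigated
  }
}

// Hardened variant (assumed allowlist): decide on the parsed protocol,
// not on the raw string, and only let known-safe schemes through.
const ALLOWED = new Set(["http:", "https:", "mailto:"]);
function nuSafe(e) {
  const s = String(e);
  const proto = resolvedProtocol(s);
  return proto !== null && ALLOWED.has(proto) ? s : "unsafe:" + s;
}

// Offline version of the page's fuzz loop: each code point whose prefixed
// payload passes `sanitizer` and still resolves to javascript: is a bypass.
function findBypasses(sanitizer, maxCodePoint = 0xffff) {
  const hits = [];
  for (let cp = 0; cp <= maxCodePoint; cp++) {
    const t = sanitizer(`${String.fromCodePoint(cp)}javascript:alert(1)`);
    if (resolvedProtocol(t) === "javascript:") hits.push(cp);
  }
  return hits;
}

if (typeof require !== "undefined" && require.main === module) {
  console.log("regex sanitizer bypasses:", findBypasses(nu).length); // 33
  console.log("parser-based sanitizer bypasses:", findBypasses(nuSafe).length); // 0
}
```

The 33 bypassing code points found by the regex version are exactly U+0000 through U+0020, the characters the URL parser discards before reading the scheme.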
