Fuzzing for Max sanitized input (simplified)

Simplified test for Max (https://discord.com/channels/1110206757227216916/1168685918920638614/1358614602153201736)

Created byvitorfhc

Created Apr 7, 2025

Updated May 28, 2025

Detecting browser...

CategoryHTML Parsing

VisibilityPublic

TypeXSS

CharsetUTF-8

Code used before fuzz:

<script>0x0D
window.onerror=x=>true;0x0D
</script>0x0D
<base href="https://example.com" />

Template used:

<a id=x></a>

Code used after fuzz:

const mw = /^(?!javascript:)/i;0x0D
function nu(e) {0x0D
    return (e = String(e)).match(mw) ? e : "unsafe:" + e0x0D
}0x0D
0x0D
const t = nu(`${String.fromCodePoint($[i])}javascript:alert(1)`);0x0D
x.href = t0x0D
x.protocol === 'javascript:' && log($[i])

Fuzzing for Max sanitized input (simplified)

Sample payloads

Fuzz results

Fuzzing for Max sanitized input (simplified)

Sample payloads

Fuzz results

Distributed Fuzzing