masato - braves parsing finding valid attributes

195

Trying to see what attributes are filtered

Created by: InsertScript

Created on: Sunday, August 3, 2025 at 8:25:16 AM

Updated on: Sunday, August 3, 2025 at 8:25:16 AM

Vector type: XSS

Vector charset: UTF-8

Vector data 1: attributes

Template used:

<div id="x$[data1]"><span x="$[data1]=123&gt;&bbb"></span></div>
<script>
window["x$[data1]"].innerHTML=window["x$[data1]"].innerHTML;
if (window["x$[data1]"].firstChild.getAttribute("$[data1]") == 123)
{
log('$[data1]')
}
</script>

Your browser was detected as:

Detecting... Detecting... Detecting... Detecting...

Sample payloads

<div id="xaccesskey"><span x="accesskey=123&gt;&bbb"></span></div>
<script>
window["xaccesskey"].innerHTML=window["xaccesskey"].innerHTML;
if (window["xaccesskey"].firstChild.getAttribute("accesskey") == 123)
{
alert('accesskey')
}
</script>

<div id="xanchor"><span x="anchor=123&gt;&bbb"></span></div>
<script>
window["xanchor"].innerHTML=window["xanchor"].innerHTML;
if (window["xanchor"].firstChild.getAttribute("anchor") == 123)
{
alert('anchor')
}
</script>

<div id="xautocapitalize"><span x="autocapitalize=123&gt;&bbb"></span></div>
<script>
window["xautocapitalize"].innerHTML=window["xautocapitalize"].innerHTML;
if (window["xautocapitalize"].firstChild.getAttribute("autocapitalize") == 123)
{
alert('autocapitalize')
}
</script>

<div id="xautofocus"><span x="autofocus=123&gt;&bbb"></span></div>
<script>
window["xautofocus"].innerHTML=window["xautofocus"].innerHTML;
if (window["xautofocus"].firstChild.getAttribute("autofocus") == 123)
{
alert('autofocus')
}
</script>

<div id="xclass"><span x="class=123&gt;&bbb"></span></div>
<script>
window["xclass"].innerHTML=window["xclass"].innerHTML;
if (window["xclass"].firstChild.getAttribute("class") == 123)
{
alert('class')
}
</script>

<div id="xcontenteditable"><span x="contenteditable=123&gt;&bbb"></span></div>
<script>
window["xcontenteditable"].innerHTML=window["xcontenteditable"].innerHTML;
if (window["xcontenteditable"].firstChild.getAttribute("contenteditable") == 123)
{
alert('contenteditable')
}
</script>

<div id="xdir"><span x="dir=123&gt;&bbb"></span></div>
<script>
window["xdir"].innerHTML=window["xdir"].innerHTML;
if (window["xdir"].firstChild.getAttribute("dir") == 123)
{
alert('dir')
}
</script>

<div id="xdraggable"><span x="draggable=123&gt;&bbb"></span></div>
<script>
window["xdraggable"].innerHTML=window["xdraggable"].innerHTML;
if (window["xdraggable"].firstChild.getAttribute("draggable") == 123)
{
alert('draggable')
}
</script>

<div id="xenterkeyhint"><span x="enterkeyhint=123&gt;&bbb"></span></div>
<script>
window["xenterkeyhint"].innerHTML=window["xenterkeyhint"].innerHTML;
if (window["xenterkeyhint"].firstChild.getAttribute("enterkeyhint") == 123)
{
alert('enterkeyhint')
}
</script>

<div id="xexportparts"><span x="exportparts=123&gt;&bbb"></span></div>
<script>
window["xexportparts"].innerHTML=window["xexportparts"].innerHTML;
if (window["xexportparts"].firstChild.getAttribute("exportparts") == 123)
{
alert('exportparts')
}
</script>

<div id="xhidden"><span x="hidden=123&gt;&bbb"></span></div>
<script>
window["xhidden"].innerHTML=window["xhidden"].innerHTML;
if (window["xhidden"].firstChild.getAttribute("hidden") == 123)
{
alert('hidden')
}
</script>

<div id="xid"><span x="id=123&gt;&bbb"></span></div>
<script>
window["xid"].innerHTML=window["xid"].innerHTML;
if (window["xid"].firstChild.getAttribute("id") == 123)
{
alert('id')
}
</script>

<div id="xinert"><span x="inert=123&gt;&bbb"></span></div>
<script>
window["xinert"].innerHTML=window["xinert"].innerHTML;
if (window["xinert"].firstChild.getAttribute("inert") == 123)
{
alert('inert')
}
</script>

<div id="xinputmode"><span x="inputmode=123&gt;&bbb"></span></div>
<script>
window["xinputmode"].innerHTML=window["xinputmode"].innerHTML;
if (window["xinputmode"].firstChild.getAttribute("inputmode") == 123)
{
alert('inputmode')
}
</script>

<div id="xitemid"><span x="itemid=123&gt;&bbb"></span></div>
<script>
window["xitemid"].innerHTML=window["xitemid"].innerHTML;
if (window["xitemid"].firstChild.getAttribute("itemid") == 123)
{
alert('itemid')
}
</script>

<div id="xitemprop"><span x="itemprop=123&gt;&bbb"></span></div>
<script>
window["xitemprop"].innerHTML=window["xitemprop"].innerHTML;
if (window["xitemprop"].firstChild.getAttribute("itemprop") == 123)
{
alert('itemprop')
}
</script>

<div id="xitemref"><span x="itemref=123&gt;&bbb"></span></div>
<script>
window["xitemref"].innerHTML=window["xitemref"].innerHTML;
if (window["xitemref"].firstChild.getAttribute("itemref") == 123)
{
alert('itemref')
}
</script>

<div id="xitemscope"><span x="itemscope=123&gt;&bbb"></span></div>
<script>
window["xitemscope"].innerHTML=window["xitemscope"].innerHTML;
if (window["xitemscope"].firstChild.getAttribute("itemscope") == 123)
{
alert('itemscope')
}
</script>

<div id="xitemtype"><span x="itemtype=123&gt;&bbb"></span></div>
<script>
window["xitemtype"].innerHTML=window["xitemtype"].innerHTML;
if (window["xitemtype"].firstChild.getAttribute("itemtype") == 123)
{
alert('itemtype')
}
</script>

<div id="xlang"><span x="lang=123&gt;&bbb"></span></div>
<script>
window["xlang"].innerHTML=window["xlang"].innerHTML;
if (window["xlang"].firstChild.getAttribute("lang") == 123)
{
alert('lang')
}
</script>

Fuzz results

Microsoft Edge 138.0.0.0 desktop Windows NT 10.0

Updated

Sun Aug 03 2025

Found 195 results

Show differences only?

Filter out alphanumeric

Sort ascending

Chrome 138.0.0.0 desktop Windows NT 10.0

Updated

Sun Aug 03 2025

Found 195 results

Show differences only?

Filter out alphanumeric

Sort ascending

Microsoft Edge 138.0.0.0 desktop Linux Unknown

Updated

Sat Aug 16 2025

Found 195 results

Show differences only?

Filter out alphanumeric

Sort ascending