Shazzer logo

    DOM element relationships

    The classic DOM element relationship test found in the blog post https://portswigger.net/research/dom-clobbering-strikes-back

    Created by: Johan Carlsson

    Created on: 4/10/2024, 7:46:42 AM

    Updated on: 5/1/2024, 11:30:08 AM

    Vector type: XSS

    Template used:
    <$[data1] id="x$[i]"><$[data2] id="y$[j]"></$[data2]></$[data1]>

    Code used after fuzz:
    document.getElementById('x$[i]') && x$[i].y$[j] && log('$[data1]->$[data2]')

    Your browser was detected as:
    Detecting... Detecting...

    Fuzz results:

    Chrome logo
    Chrome 123.0.0.0
    Results
    Found 8
    Data
    form->button
    Data
    form->fieldset
    Data
    form->img
    Data
    form->input
    Data
    form->object
    Data
    form->output
    Data
    form->select
    Data
    form->textarea
    Safari logo
    Safari 17.4
    Results
    Found 8
    Data
    form->button
    Data
    form->fieldset
    Data
    form->img
    Data
    form->input
    Data
    form->object
    Data
    form->output
    Data
    form->select
    Data
    form->textarea
    Firefox logo
    Firefox 124.0
    Results
    Found 8
    Data
    form->button
    Data
    form->fieldset
    Data
    form->img
    Data
    form->input
    Data
    form->object
    Data
    form->output
    Data
    form->select
    Data
    form->textarea