Meter HTML5 XSS filter bypass

I was playing around with some new HTML5 features and noticed a funny one.

Meter gives you a cool progress bar on-the-fly – https://developer.mozilla.org/en-US/docs/Web/HTML/Element/meter

Immediately I thought about using it to bypass some WRONG blacklist tags XSS filter and add a event to it:

[code]<meter onmouseover="alert(1)"[/code]

You can check it on https://jsfiddle.net/btksfbbx/

Nowadays this doesn’t make any advantage to a researcher because you can use arbitrary tags:

[code]<sopas style=font-size:200px onmouseover=alert(1)>Sopas[/code]

Online – https://jsfiddle.net/thnwcjcx/

By David Sopas

-alert(/what/)-

Leave a comment