I was playing around with some new HTML5 features and noticed a funny one.
Meter gives you a cool progress bar on-the-fly – https://developer.mozilla.org/en-US/docs/Web/HTML/Element/meter
Immediately I thought about using it to bypass some WRONG blacklist tags XSS filter and add a event to it:
[code]<meter onmouseover="alert(1)"[/code]
You can check it on https://jsfiddle.net/btksfbbx/
Nowadays this doesn’t make any advantage to a researcher because you can use arbitrary tags:
[code]<sopas style=font-size:200px onmouseover=alert(1)>Sopas[/code]
Online – https://jsfiddle.net/thnwcjcx/