XSS

XSS Lab craft · inject · fire

Injection Context

Your Payload

Test through DOMPurify

ALLOWED_TAGS

ALLOWED_ATTR

Options

FORCE_BODY ALLOW_DATA_ATTR ALLOW_UNKNOWN_PROTOCOLS

Sanitized output

Quick Payloads — click to use

example.com — click ▶ Test to load

⚠ For authorized testing and educational use only. Do not use against systems you do not own or have explicit permission to test.