Null chars also work as XSS vectors but not like above, you need to inject them directly using something like Burp Proxy or use ...in the URL string or if you want to write your own injection tool you can either use vim ({{/...}} will produce a null) or the following program to generate it into a text file. Okay, I lied again, older versions of Opera (circa 7.11 on Windows) were vulnerable to one additional char 173 (the soft hypen control char). But the null char {{%00}} is much more useful and helped me bypass certain real world filters with a variation on this example:
maxAtSW
commented
3 years ago
Bug description
Null chars also work as XSS vectors but not like above, you need to inject them directly using something like Burp Proxy or use ...in the URL string or if you want to write your own injection tool you can either use vim ({{/...}} will produce a null) or the following program to generate it into a text file. Okay, I lied again, older versions of Opera (circa 7.11 on Windows) were vulnerable to one additional char 173 (the soft hypen control char). But the null char {{%00}} is much more useful and helped me bypass certain real world filters with a variation on this example:
aaa bbb ccc
Found in version
11.6
Workaround Complexity
There's an easy workaround
Workaround Description
easy workaround to be done....
Affects Version/s
Link to JIRA bug
https://ca-il-jira-test.il.cyber-ark.com/browse/ONYX-6685