<img /="/" alt="(" src="https://noembed.com/i///imgs.xkcd.com/comics/(.png" title="Brains aside, I wonder how many poorly-written xkcd.com-parsing scripts will break on this title (or ;;"''{<<[' this mouseover text."">
Which results in the title attribute getting cut off by the raw quotes:
Brains aside, I wonder how many poorly-written xkcd.com-parsing scripts will break on this title (or ;;
Shows up here: https://noembed.com/embed?url=http%3A%2F%2Fxkcd.com%2F859%2F
The HTML produced (after parsing the JSON) is:
Which results in the
titleattribute getting cut off by the raw quotes: