feat(fuzz): add XSS context analyzer for #5838 | Algora

PR

feat(fuzz): add XSS context analyzer for #5838

projectdiscovery/nuclei#6998

Summary

Add XSS Context Analyzer to detect HTML context and reduce false positives in XSS fuzzing.

Proposed Changes

New analyzer: xss-context
Detects: script, attribute, event handler, URL, comment contexts
Uses response body analysis

Proof

XSS Demo

Checklist

PR against dev branch

/claim #5838

Summary by CodeRabbit

Release Notes

New Features
- Added XSS vulnerability detection capability to fuzz testing that identifies when user input is reflected in HTML responses and automatically determines the specific reflection context (script tags, attributes, event handlers, URLs, or comments) for detailed risk assessment.

Claim

Total prize pool $200

Total paid $0

Status Pending

Submitted February 21, 2026

Last updated February 21, 2026

Contributors

DA

daredeep33

@daredeep33

100%

Sponsors

PR

ProjectDiscovery

@projectdiscovery

$200