From 83ea59c8351881917f00ed9a032a0e9905e40bbf Mon Sep 17 00:00:00 2001
From: ShadowByte <155693555+ShadowByte1@users.noreply.github.com>
Date: Wed, 7 Aug 2024 14:17:47 +1000
Subject: [PATCH] Update README.md

---
 README.md | 1 +
 1 file changed, 1 insertion(+)

diff --git a/README.md b/README.md
index ccb8360..ac75c9d 100644
--- a/README.md
+++ b/README.md
@@ -634,6 +634,7 @@ event: message\ndata: <script>alert('XSS via EventSource')</script>\n\n
 
 CSS Content Property Injection
 If an application allows user input in CSS properties without sanitization, it can lead to XSS.
+Note:most browsers consider the content property text not html and this works under very certain conditions unsure whether the browser still accepts this however i have inserted here as a use case.
 ```
 <style>
   .content::before { content: '<img src=x onerror=alert("XSS via CSS Content Property")>'; }