javascript – Is it possible to exploit this XSS?

Im learning about XSS and I found I can inject code in this tag a few days ago.


<div id="pagenotfound" title='Cannot find /it/search/testtesttesttetst'onload=alert(1)'>

My payload:


URL: /it/search//testtesttesttetst’onload=alert(1)

I have locked < > ” & % and many more characters (When I put ‘ automatically becomes this ‘ )(The last ‘ already comes with the page). So, is possible to inject any type of XSS payload in this website?

Thank you all for the help.