All VectorsVector nameUser Created Type Likes 63.4k 63.4k 63.4k 63.4kCharacters encoded by encodeURI()JorianWoltjer7/4/2025JS1 1 1 1 1Characters between < and element nameThomasOrlita4/15/2024HTML1 577 577 577 577Entities allowed as JS variableshackvertor7/2/2024XSS1 6 6 6ToUpperCase Improper Character MorphingIDKdir7/13/2024JS1 40 40 40 40JavaScript Scheme starting with httpBinaryScary7/16/2024JS1 9 9 9XSS vectors that consume tagY4tacker11/5/2024XSS1⚠ Browser differences 39 1 39 39HTML tags that force HTML mode inside SVGhackvertor8/2/2024XSS1 7 7 7 7Characters that close or encapsulate HTML attribute valuesola45611/5/2024XSS1 63.3k 63.3k 63.3k 63.3kDifferences between escape vs encodeURIComponenthackvertor10/15/2024JS1 2 2 2HTML tags that can clobber the credentials part of the URL0x999-x11/4/2024XSS1 2 2 2Bytes that will normalize ISO-2022-JPCillian-Collins12/26/2024XSS1 2 2 2Bytes that will scramble ISO-2022-JPCillian-Collins12/26/2024XSS1⚠ Browser differences 1 1 1 89Characters unencoded characters supported in the hashhackvertor9/24/2024JS1 82 82 82 82encodeURI() not encoded with %forglockenspielexact7/11/2025JS1 34 34 34 34Characters allowed before slashes which result in an external URLhackvertor1/16/2025XSS1 29 29 29 29Non-standard characters that break JSON.parse()DreyAnd11/15/2024JS1⚠ Browser differences 45 45 45 29Characters allowed within a hostname but don't change the hostnameThomasOrlita4/30/2024JS1 1 1 1Includes Validation Chars AllowedSimpsonpt10/8/2024JS1 1 1 1Entities in-between square brackets that close cdatahackvertor10/8/2024XSS1 63.4k 63.4k 63.4k 63.4kCharacters encoded by encodeURIComponent()JorianWoltjer7/4/2025JS1Found 246 recordsPage 10 of 13«45678910111213»
