All VectorsVector nameUser Created Type Likes 39 39 39Characters allowed between an object and bracket notationcold-try4/15/2024JS0 1 1CSS inline property definitionhipotermia3/12/2025HTML0 7 7Characters between element name and >ThomasOrlita4/15/2024HTML0 68 68 68 68Characters allowed in the protocol that still resolve host namehackvertor5/6/2025JS0 1 1Characters allowed instead of equal signc3l3si4n4/28/2024XSS0 35 35 35Entities still parsed in uppercasehackvertor7/2/2024JS0 2 2 2Characters not urlencoded when using the shema part of the URLd0ge9/24/2024JS0 1 1Escape inline double quotelUcgryy3/7/2025XSS0 7 7 7Characters ignored in an attribute namehackvertor5/28/2024XSS0 4 4 4Entities allowed between slashes on a protocol relative URLhackvertor7/6/2024JS0 3 3 3Characters that act as array literalshackvertor6/24/2024JS0 15Characters appended at the end of PORT within URL, which yield a different HOSTreindaelman6/15/2025JS0 31 31 31Characters allowed either side of a variable assignmenthackvertor7/18/2025JS0 25 25 25Characters allowed after throw statementhackvertor7/14/2025JS0 14 14 14Tags that get moved out of parenthackvertor1/22/2025XSS0 2 2 2Characters allowed after colon which result in an external URLhackvertor1/16/2025XSS0 30 30Characters prepended to URL, which yield in the same host propertyInsertScript1/10/2025JS0Bypasses for __proto__ string matchvitorfhc8/29/2024JS0 1 1XSS vectors that execute automatically inside mathhackvertor4/17/2024XSS0 18 18 18Entities allowed between function call and numberhackvertor7/2/2024XSS0Found 236 recordsPage 8 of 12«3456789101112»
