All VectorsVector nameUser Created Type Likes 64 64 64Characters allowed after hostname but don't change the hostnameThomasOrlita4/15/2024JS2 1 1 1Characters allowed in-between hyphenshackvertor4/14/2024XSS1 89 89 89Characters unencoded characters supported in the hashhackvertor9/24/2024JS1 4Entities allowed between two forward slashesInsertScript9/19/2024XSS1 39 39 1HTML tags that force HTML mode inside SVGhackvertor8/2/2024XSS1JavaScript Scheme starting with httpBinaryScary7/16/2024JS1 1 1 1 1Characters between < and element nameThomasOrlita4/15/2024HTML1 577 577 577Entities allowed as JS variableshackvertor7/2/2024XSS1 2JIS X 0208 bytes that produce ASCII charactersJorianWoltjer9/22/2024JS1 1Includes Validation Chars AllowedSimpsonpt10/8/2024JS1 6 6ToUpperCase Improper Character MorphingIDKdir7/13/2024JS1 1Characters that can break out of an inline style background-image url0xdef1ant7/13/2024XSS1 31 31 31Characters allowed after malformed entitieshackvertor7/1/2024XSS1 3 1 3Characters allowed at IPv6 but don't change the hostnamed0ge6/10/2024JS1 119 118 115All events on windowhackvertor5/31/2024JS1 312 314 311Characters allowed at hostnamed0ge6/11/2024JS1 75 75 74Characters not urlencoded when using the credentials part of the URLhackvertor5/28/2024JS1 1Characters that change length on .toLowerCase()JorianWoltjer4/11/2024JS1 34 34 35HTML elements that parse differently when renderedhackvertor4/19/2024XSS1 63.3k 63.3k 63.3kDifferences between escape vs encodeURIComponenthackvertor10/15/2024JS1Found 238 recordsPage 2 of 12«12345678910»
