All VectorsVector nameUser Created Type Likes 3 3 3 3HTML entities inside JavaScript URL before colonhackvertor6/25/2024JS0 25 25 25 25Characters allowed between in operatorhackvertor4/3/2024JS0⚠ Browser differences 48 48 48 32Valid characters before domain 1avlidienbrunn4/10/2024XSS0⚠ Browser differences 7 7 7 5XSS vectors that execute automatically hackvertor4/17/2024XSS0 2 2 2 2HTML entities before JavaScript URLhackvertor6/25/2024JS0 1 1 1 1XSS vectors that execute automatically inside svghackvertor4/17/2024XSS0⚠ Browser differences 16 16 16 6Entities allowed between function callshackvertor6/29/2024XSS0 2 2 2framers event executorsweizman4/10/2024XSS0 1 1 1 1XSS vectors that execute automatically inside mathhackvertor4/17/2024XSS0 1 1 1Characters allowed to break double quotesp3n7a90n6/30/2024XSS0 19 19 19 19Entities allowed before function callshackvertor7/2/2024XSS0 6 6 6Characters allowed before onerror eventshackvertor3/30/2024XSS0 26 26 26 26Characters allowed after parentheseshackvertor4/1/2024JS0 16 16 16 16Characters after stringshackvertor4/3/2024JS0 1 1 1Entities allowed inside function namehackvertor7/2/2024XSS0 18 18 18 18Entities allowed between function call and numberhackvertor7/2/2024XSS0 1 1 1Characters allowed instead of equal signc3l3si4n4/28/2024XSS0 35 35 35 35Entities still parsed in uppercasehackvertor7/2/2024JS0⚠ Browser differences 1 1 1 4Entities allowed between slashes on a protocol relative URLhackvertor7/6/2024JS0 2 2 2 2List of HTML elements that convert to arbitrary stringjoaxcar4/10/2024XSS0Found 245 recordsPage 6 of 13«12345678910»
