 1 | characters allowed between exclamation mark and greater then | InsertScript | 6/18/2024 | HTML | 0 |
| Characters allowed in colon entity | InsertScript | 9/19/2024 | XSS | 0 |
| Characters allowed between an object and bracket notation | cold-try | 4/15/2024 | JS | 0 |
3 | Characters allowed between slashes | hackvertor | 4/8/2024 | JS | 0 |
20 | Difference between browser-supported handlers and Shazzer 'events' list | hansmach1ne | 1/5/2025 | JS | 0 |
1  1 | Characters allowed instead of equal sign | c3l3si4n | 4/28/2024 | XSS | 0 |
| Entities still parsed in uppercase | hackvertor | 7/2/2024 | JS | 0 |
16 | Difference between browser-supported handlers and Shazzer 'all_browser_events' list | hansmach1ne | 1/5/2025 | JS | 0 |
25 | Loose comparison, characters appended which still result in type coercion | hansmach1ne | 1/6/2025 | JS | 0 |
| Characters ignored in an attribute name | hackvertor | 5/28/2024 | XSS | 0 |
| Entities allowed between slashes on a protocol relative URL | hackvertor | 7/6/2024 | JS | 0 |
| Characters allowed after parentheses | hackvertor | 4/1/2024 | JS | 0 |
| Characters that can break out of a single line comment | 0x999-x | 4/10/2024 | JS | 0 |
| JavaScript separators between function names | InsertScript | 4/2/2024 | JS | 0 |
| Characters that separate CSS properties | hackvertor | 4/2/2024 | HTML | 0 |
 25 | Characters allowed before optional chaining | hackvertor | 5/4/2024 | JS | 0 |
| Entities allowed between function calls | hackvertor | 6/29/2024 | XSS | 0 |
| Valid characters before domain 1 | avlidienbrunn | 4/10/2024 | XSS | 0 |
| Characters after strings | hackvertor | 4/3/2024 | JS | 0 |
| Characters allowed between HTML attributes | 0x999-x | 4/10/2024 | XSS | 0 |
