All VectorsVector nameUser Created Type Likes 1 1 1Characters that can break out of an inline style with double quotes0xdef1ant7/13/2024XSS0 6 6 6 6Characters allowed between HTML attributes0x999-x4/10/2024XSS0⚠Browser differences 20 20 20 10Attributes that are also DOM propertieshackvertor4/30/2024XSS0 1 1 1Characters that can break out of an inline style with single quotes0xdef1ant7/13/2024XSS0 3 3 3 3HTML entities inside JavaScript URL before colonhackvertor6/25/2024JS0 14 14 14Active formatting elementsJorianWoltjer5/1/2024XSS0 1.1k 1.1k 1.1kMutated XSS AttributesIDKdir7/13/2024XSS0⚠Browser differences 24 16 24Difference between browser-supported handlers and Shazzer 'events' listhansmach1ne1/5/2025JS0 25 25 25 25Characters allowed between in operatorhackvertor4/3/2024JS0 1 1 1HostIDKdir7/15/2024JS0 1 1 1 1XSS vectors that execute automatically inside svghackvertor4/17/2024XSS0 5 5 5 5Character allowed after onerror eventInsertScript4/2/2024XSS0 4 4 4 4Break out of CSS stringshackvertor4/4/2024HTML0 8 8 8Characters that expand upon toUpperCase() DreyAnd4/10/2024JS0⚠Browser differences 32 32 32 33Characters that can precede the javascript protocol copyrcbarnett5/2/2024XSS0 5 5 5 5Characters allowed before CSS selectorshackvertor7/15/2024XSS0 25 25 25 25Characters allowed before optional chaininghackvertor5/4/2024JS0 1 1 1React DOM srcIDKdir7/15/2024JS0 2 2 2 2Tags that HTML encode it's contentshackvertor7/16/2024XSS0⚠Browser differences 16 17 16 17Tags that remove the span or are self closinghackvertor7/16/2024XSS0Found 253 recordsPage 9 of 13«45678910111213»
