 275 | Characters appended at the end of TLD within URL, which yield in the same Origin | hansmach1ne | 1/5/2025 | JS | 2 |
31 | Characters appended at the end of TLD within URL, which yield in the same host property | InsertScript | 1/10/2025 | JS | 0 |
1  1 | Characters between < and element name | ThomasOrlita | 4/15/2024 | HTML | 1 |
7 7 | Characters between element name and > | ThomasOrlita | 4/15/2024 | HTML | 0 |
| Characters ending XML Processing Instructions (WIP) | ola456 | 2/4/2025 | XSS | 0 |
| Characters ignored after backslash with multiline string | hackvertor | 6/18/2024 | JS | 0 |
| Characters ignored in an attribute name | hackvertor | 5/28/2024 | XSS | 0 |
| Characters ignored in strings when doing a non strict comparison | hackvertor | 6/18/2024 | JS | 0 |
| Characters in-between square brackets that close cdata | hackvertor | 10/8/2024 | XSS | 0 |
| Characters not urlencoded when using the credentials part of the URL | hackvertor | 5/28/2024 | JS | 1 |
| Characters not urlencoded when using the shema part of the URL | d0ge | 9/24/2024 | JS | 0 |
| Characters prepended to URL host. check if difference between URL and a tag | InsertScript | 1/10/2025 | JS | 0 |
30 | Characters prepended to URL, which yield in the same host property | InsertScript | 1/10/2025 | JS | 0 |
| Characters that act as array literals | hackvertor | 6/24/2024 | JS | 0 |
| Characters that act as attribute quotes | hackvertor | 5/28/2024 | XSS | 0 |
| Characters that act as attribute quotes copy | freddyb | 5/31/2024 | XSS | 0 |
| Characters that act as new lines in multi line strings | hackvertor | 6/20/2024 | JS | 1 |
| Characters that act as parentheses | hackvertor | 6/24/2024 | JS | 0 |
| Characters that act as quotes or whitespace | hackvertor | 4/13/2024 | HTML | 0 |
| Characters that act like new line or single line comment | hackvertor | 4/13/2024 | JS | 0 |
