All VectorsVector nameUser Created Type Likes 35 35 35 35Entities still parsed in uppercasehackvertor7/2/2024JS0⚠ Browser differences 1 1 1 10Entities that are normalized for ehackvertor7/12/2024JS0 4 4 4 4Entities that cause an external URL before @hackvertor9/25/2024XSS4 3 3 3 3Entities that convert to greater than in a iframe srcdochackvertor8/1/2024XSS0 3 3 3 3Entities that convert to less than in a iframe srcdochackvertor8/1/2024XSS0 1 1 1Escape inline double quotelUcgryy3/7/2025XSS0⚠ Browser differences 50.7k 50.7k 50.7kFind WAF bypass for eval contextelieehel11/22/2024JS0 33 33 33 33Fuzzing for Max sanitized input (simplified)vitorfhc4/7/2025XSS0 7 7 7Fuzzing weird script behaviour after script texthackvertor7/18/2024XSS0 127 127 127HTML TAGS ListsY4tacker1/3/2025XSS0 3 3 3 3HTML comment before greater thanhackvertor3/30/2024HTML0 15 15 15 15HTML elements that are self closing or different text contenthackvertor4/19/2024XSS2⚠ Browser differences 4 3 4HTML elements that inherit properties which return the full URL0x999-x11/14/2024XSS0⚠ Browser differences 34 35 34 34HTML elements that parse differently when renderedhackvertor4/19/2024XSS1 2 2 2 2HTML entities before JavaScript URLhackvertor6/25/2024JS0 2 2 2 2HTML entities inside JavaScript URLhackvertor6/25/2024JS0 3 3 3 3HTML entities inside JavaScript URL before colonhackvertor6/25/2024JS0 50 50 50 50HTML entities that create ASCII characters inside a JavaScript URLhackvertor6/25/2024JS4 19 19 19HTML tags and attributes that can be used to access the URL0x999-x11/4/2024XSS1 2 2 2HTML tags that can clobber the credentials part of the URL0x999-x11/4/2024XSS1Found 248 recordsPage 9 of 13«45678910111213»
