All VectorsVector nameUser Created Type Likes 1 1 1 1XSS vectors that execute automatically inside mathhackvertor4/17/2024XSS0 1 1 1Characters allowed to break double quotesp3n7a90n6/30/2024XSS0 2 2 2 2Characters allowed after colon which result in an external URLhackvertor1/16/2025XSS0⚠Browser differences 48 48 48 32Characters allowed after slashes which result in an external URL hackvertor1/16/2025XSS0 31 31 31 31Characters allowed after malformed entitieshackvertor7/1/2024XSS1 34 34 34 34Characters allowed before slashes which result in an external URLhackvertor1/16/2025XSS1 4 4 4 4Entities allowed before slashes which result in an external URLhackvertor1/16/2025XSS0⚠Browser differences 34 35 34 34HTML elements that parse differently when renderedhackvertor4/19/2024XSS1 19 19 19 19Entities allowed before function callshackvertor7/2/2024XSS0 32 32 32 32Characters allowed before the JavaScript protocolhackvertor1/16/2025XSS0 2 2 2 2Malformed HTML commentshackvertor1/17/2025XSS0 1 1 1Entities allowed inside function namehackvertor7/2/2024XSS0 108 108 108 108Tags that get reordered in the DOMhackvertor1/21/2025XSS0 6 6 6Characters allowed before onerror eventshackvertor3/30/2024XSS0 3 3 3 3Characters that can be inside the javascript protocolhipotermia1/22/2025XSS0 32 32 32 32Characters that can precede the javascript protocolrenniepak4/10/2024XSS4 15 15 15 15HTML elements that are self closing or different text contenthackvertor4/19/2024XSS2 18 18 18 18Entities allowed between function call and numberhackvertor7/2/2024XSS0 14 14 14 14Tags that get moved out of parenthackvertor1/22/2025XSS0⚠Browser differences 105 106 105Tags that support HTML commentshackvertor1/26/2025XSS0Found 253 recordsPage 10 of 13«45678910111213»
