All VectorsVector nameUser Created Type Likes 9 9 9XSS vectors that consume tagY4tacker11/5/2024XSS1 7 7 7 7Characters that close or encapsulate HTML attribute valuesola45611/5/2024XSS1 62.5k 62.5k 62.5k 62.5kCharacters that cause the backslash to be consumed with GBK charsethackvertor11/7/2024XSS0⚠ Browser differences 4 3 4HTML elements that inherit properties which return the full URL0x999-x11/14/2024XSS0⚠ Browser differences 2.1k 1 2.1kChars in href that will not default to full URLjoaxcar11/16/2024XSS0 8 8 8 8DOM element relationshipsjoaxcar4/10/2024XSS0 31 31 31 31Characters allowed after greater than in eventshackvertor6/21/2024XSS0 2 2 2 2ISO-2022-JP ASCII escape sequencehackvertor12/11/2024XSS1 30 30 30Characters allowed after equals sign for eventYouGina12/17/2024XSS1 2 2 2Bytes that will normalize ISO-2022-JPCillian-Collins12/26/2024XSS1 2 2 2Bytes that will scramble ISO-2022-JPCillian-Collins12/26/2024XSS1⚠ Browser differences 48 48 48 32Valid characters before domain 1avlidienbrunn4/10/2024XSS0⚠ Browser differences 7 8 7 5XSS vectors that execute automatically hackvertor4/17/2024XSS0 127 127 127HTML TAGS ListsY4tacker1/3/2025XSS0 1 1 1 1XSS vectors that execute automatically inside svghackvertor4/17/2024XSS0 6 6 6Allowed characters right after tag name & before tag closure, no other characters in betweenhansmach1ne1/9/2025XSS0⚠ Browser differences 16 16 16 6Entities allowed between function callshackvertor6/29/2024XSS0⚠ Browser differences 2 4 2framers event executorsweizman4/10/2024XSS0 1 1 1 1XSS vectors that execute automatically inside mathhackvertor4/17/2024XSS0 1 1 1Characters allowed to break double quotesp3n7a90n6/30/2024XSS0Found 253 recordsPage 9 of 13«45678910111213»
