All VectorsVector nameUser Created Type Likes 34 34 35HTML elements that parse differently when renderedhackvertor4/19/2024XSS1 2 2 2Malformed HTML commentshackvertor1/17/2025XSS0Entities allowed inside function namehackvertor7/2/2024XSS0 106 106Tags that support HTML commentshackvertor1/26/2025XSS0 3 3 3Entities that convert to greater than in a iframe srcdochackvertor8/1/2024XSS0 39 39 1HTML tags that force HTML mode inside SVGhackvertor8/2/2024XSS1 1 1 1Characters allowed before event in attribute name using setAttributehackvertor8/21/2024JS0 8 8 8Consuming tagshackvertor4/8/2024HTML1 5 5 5Characters allowed as a class separatorhackvertor4/13/2024XSS0 275Characters appended at the end of TLD within URL, which yield in the same Originhansmach1ne1/5/2025JS2 20Difference between browser-supported handlers and Shazzer 'events' listhansmach1ne1/5/2025JS0 16Difference between browser-supported handlers and Shazzer 'all_browser_events' listhansmach1ne1/5/2025JS0 25Loose comparison, characters appended which still result in type coercionhansmach1ne1/6/2025JS1 6 6 6Allowed characters right after tag name & before tag closure, no other characters in betweenhansmach1ne1/9/2025XSS0 1 1CSS inline property definitionhipotermia3/12/2025HTML0 3 3Characters that can be inside the javascript protocolhipotermia1/22/2025XSS0 2.1kChars in href that will not default to full URLjoaxcar11/16/2024XSS0 8 8 8DOM element relationshipsjoaxcar4/10/2024XSS0 2 2 2List of HTML elements that convert to arbitrary stringjoaxcar4/10/2024XSS0 5 5 5Characters allowed in path traversaljoaxcar8/26/2024JS0Found 238 recordsPage 10 of 12«3456789101112»
