All VectorsVector nameUser Created Type Likes 2 2 2 2HTML entities inside JavaScript URLhackvertor6/25/2024JS0⚠ Browser differences 7 7 7 5XSS vectors that execute automatically hackvertor4/17/2024XSS0⚠ Browser differences 34 35 34 34HTML elements that parse differently when renderedhackvertor4/19/2024XSS1⚠ Browser differences 1 1 1 4Entities allowed before slashes on a protocol relative URLhackvertor7/6/2024JS0⚠ Browser differences 49k 49k 49k 49kCharacters that can be used as valid labels in JavaScripthackvertor4/30/2024JS2⚠ Browser differences 105 106 105Tags that support HTML commentshackvertor1/26/2025XSS0 8 8 8 8Characters that act as quotes or whitespacehackvertor4/13/2024HTML0 48 48 48 48Characters allowed before host name that are ignoredhackvertor6/11/2025XSS0 25 25 25 25Characters allowed in-between operatorshackvertor4/14/2024JS2⚠ Browser differences 124 122 124 128All events on windowhackvertor5/31/2024JS1 3 3 3 3HTML entities inside JavaScript URL before colonhackvertor6/25/2024JS0 1 1 1 1XSS vectors that execute automatically inside svghackvertor4/17/2024XSS0 25 25 25 25Characters ignored in strings when doing a non strict comparisonhackvertor6/18/2024JS0 2 2 2 2Characters that act as attribute quoteshackvertor5/28/2024XSS0 1 1 1 1XSS vectors that execute automatically inside mathhackvertor4/17/2024XSS0 18 18 18 18Entities allowed between function call and numberhackvertor7/2/2024XSS0 47 47 47Characters appended at the end of TLD within URL, which yield in the same Originhansmach1ne1/5/2025JS2 6 6 6Allowed characters right after tag name & before tag closure, no other characters in betweenhansmach1ne1/9/2025XSS0⚠ Browser differences 28 16 23Difference between browser-supported handlers and Shazzer 'events' listhansmach1ne1/5/2025JS0 1 1 1Difference between browser-supported handlers and Shazzer 'all_browser_events' listhansmach1ne1/5/2025JS0Found 245 recordsPage 10 of 13«45678910111213»
