| List of HTML elements that convert to arbitrary string | joaxcar | 4/10/2024 | XSS | 0 |
 1 | Characters that starts element name | lUcgryy | 3/10/2025 | HTML | 0 |
1 | Escape inline double quote | lUcgryy | 3/7/2025 | XSS | 0 |
| Characters to break out from eval string | m-boll | 5/12/2024 | JS | 0 |
 24 | Characters that can be used in eval to write code in between | m-boll | 5/12/2024 | JS | 0 |
1 | Characters that can be between < and script> | m10x | 11/12/2024 | HTML | 0 |
| test-id | made-pradipta_grabtaxi | 3/26/2025 | HTML | 0 |
 1 | Chars that can be used as opening bracket in innerHTML | nollium | 4/19/2025 | JS | 0 |
141 | char not urlencoded (data+) | nu11secur1ty | 9/29/2024 | JS | 0 |
1 | work | nu11secur1ty | 9/29/2024 | HTML | 0 |
1 | HTML vector | nu11secur1ty | 9/29/2024 | HTML | 0 |
2 | char not urlencoded (data) | nu11secur1ty | 9/29/2024 | JS | 0 |
1 | domain values | nu11secur1ty | 9/29/2024 | JS | 0 |
| Characters that close or encapsulate HTML attribute values | ola456 | 11/5/2024 | XSS | 1 |
| Characters ending XML Processing Instructions (WIP) | ola456 | 2/4/2025 | XSS | 0 |
| Characters that end unencapsulated HTML attribute values | ola456 | 5/14/2025 | XSS | 0 |
1 | Characters allowed to break double quotes | p3n7a90n | 6/30/2024 | XSS | 0 |
32 | Characters that can precede the javascript protocol copy | rcbarnett | 5/2/2024 | XSS | 0 |
3  3 | Characters allowed javascript and colon | renniepak | 4/9/2024 | JS | 3 |
| Impossible lab frameset | renniepak | 11/27/2024 | HTML | 0 |
