All VectorsVector nameUser Created Type Likes 1 1 1Characters allowed instead of equal signc3l3si4n4/28/2024XSS0 3 3 3 3Characters that can be inserted in the middle of the JS protocol namecold-try4/15/2024XSS0 26 26 26 26Characters allowed between an object and the dot operatorcold-try4/15/2024JS0 39 39 39 39Characters allowed between an object and bracket notationcold-try4/15/2024JS0⚠ Browser differences 3 1 3 1Characters allowed at IPv6 but don't change the hostnamed0ge6/10/2024JS1⚠ Browser differences 312 311 312 314Characters allowed at hostnamed0ge6/11/2024JS1 2 2 2 2Characters not urlencoded when using the shema part of the URLd0ge9/24/2024JS0 1 1 1Quotesdogspyagent7/13/2024XSS0⚠ Browser differences 50.7k 50.7k 50.7kFind WAF bypass for eval contextelieehel11/22/2024JS0 1 1 1Valid characters between function and dot-parenthesis .()felipecaon5/6/2024JS0 1 1 1Characters allowed between < and element felipecaon5/6/2024HTML0 25 25 25Valid characters between function and parenthesisfelipecaon5/6/2024JS0 82 82 82 82encodeURI() not encoded with %forglockenspielexact7/11/2025JS1 2 2 2 2Characters that act as attribute quotes copyfreddyb5/31/2024XSS0⚠ Browser differences 123 118 125 79All properties on navigator (two levels of nesting deep)freddyb6/6/2024JS0 7 7 7 7Characters Supported in </script> Tagsghannu0x012/10/2026XSS0 7 7 7 7Characters ignored in an attribute namehackvertor5/28/2024XSS0 1 1 1 1Characters allowed in-between hyphenshackvertor4/14/2024XSS1 2 2 2 2Characters that act as attribute quoteshackvertor5/28/2024XSS0⚠ Browser differences 8 9 8 9Tags that stop stylehackvertor4/9/2024HTML0Found 249 recordsPage 5 of 13«12345678910»
