All VectorsVector nameUser Created Type Likes 2.1kChars in href that will not default to full URLjoaxcar11/16/2024XSS0 2 2 2List of HTML elements that convert to arbitrary stringjoaxcar4/10/2024XSS0 3 3Characters that can be inside the javascript protocolhipotermia1/22/2025XSS0 1 1CSS inline property definitionhipotermia3/12/2025HTML0 6 6 6Allowed characters right after tag name & before tag closure, no other characters in betweenhansmach1ne1/9/2025XSS0 275Characters appended at the end of TLD within URL, which yield in the same Originhansmach1ne1/5/2025JS2 25Loose comparison, characters appended which still result in type coercionhansmach1ne1/6/2025JS1 16Difference between browser-supported handlers and Shazzer 'all_browser_events' listhansmach1ne1/5/2025JS0 20Difference between browser-supported handlers and Shazzer 'events' listhansmach1ne1/5/2025JS0 75 75 74Characters not urlencoded when using the credentials part of the URLhackvertor5/28/2024JS1 965 1.1k 1.1k 890Window propertieshackvertor5/31/2024JS0 2 2 2Tags that HTML encode it's contentshackvertor7/16/2024XSS0 19 19 19Entities allowed before function callshackvertor7/2/2024XSS0 3 3 3Entities that convert to greater than in a iframe srcdochackvertor8/1/2024XSS0 292 271 267document propertieshackvertor5/31/2024JS0 5 5 5Properties that contain URLshackvertor5/31/2024JS2 13 13 13Properties are accessible in a sandboxed iframehackvertor6/7/2024JS0 10 10 11Attributes that are also DOM propertieshackvertor4/30/2024XSS0 1 1 1Properties that are accessible on locationhackvertor6/7/2024JS0 7 7 7Fuzzing weird script behaviour after script texthackvertor7/18/2024XSS0Found 240 recordsPage 3 of 12«12345678910»
