| HTML tags that force HTML mode inside SVG | hackvertor | 8/2/2024 | XSS | 1 |
 2  2 | HTML entities before JavaScript URL | hackvertor | 6/25/2024 | JS | 0 |
1 1 | XSS vectors that execute automatically inside svg | hackvertor | 4/17/2024 | XSS | 0 |
| Characters after strings | hackvertor | 4/3/2024 | JS | 0 |
| Entities that cause an external URL before @ | hackvertor | 9/25/2024 | XSS | 4 |
| Tags that HTML encode it's contents | hackvertor | 7/16/2024 | XSS | 0 |
| Characters allowed after * in CSS comments | hackvertor | 3/31/2024 | HTML | 0 |
| HTML comment before greater than | hackvertor | 3/30/2024 | HTML | 0 |
| HTML elements that parse differently when rendered | hackvertor | 4/19/2024 | XSS | 1 |
| Entities allowed between function call and number | hackvertor | 7/2/2024 | XSS | 0 |
3 | Characters allowed between slashes | hackvertor | 4/8/2024 | JS | 0 |
25 | Characters allowed before optional chaining | hackvertor | 5/4/2024 | JS | 0 |
| Entities allowed as JS variables | hackvertor | 7/2/2024 | XSS | 1 |
7  7 | Fuzzing weird script behaviour after script text | hackvertor | 7/18/2024 | XSS | 0 |
| Entities allowed after slashes on a protocol relative URL | hackvertor | 7/6/2024 | JS | 0 |
| Characters that act as quotes or whitespace | hackvertor | 4/13/2024 | HTML | 0 |
25 25 | Characters allowed after optional chaining | hackvertor | 5/4/2024 | JS | 1 |
| Characters that cause the backslash to be consumed with a big5 charset | hackvertor | 11/1/2024 | XSS | 0 |
| Differences between escape vs encodeURIComponent | hackvertor | 10/15/2024 | JS | 0 |
| Characters that cause exceptions when URL encoded | hackvertor | 10/3/2024 | JS | 2 |
