| HTML elements that parse differently when rendered | hackvertor | 4/19/2024 | XSS | 1 |
 1  1 | XSS vectors that execute automatically inside math | hackvertor | 4/17/2024 | XSS | 0 |
| Entities that are normalized for e | hackvertor | 7/12/2024 | JS | 0 |
| Characters not urlencoded when using the credentials part of the URL | hackvertor | 5/28/2024 | JS | 1 |
| Attributes that are also DOM properties | hackvertor | 4/30/2024 | XSS | 0 |
661 662 | Characters that can be used as valid labels in JavaScript | hackvertor | 4/30/2024 | JS | 2 |
| HTML comment before greater than | hackvertor | 3/30/2024 | HTML | 0 |
6 | Characters allowed before onerror events | hackvertor | 3/30/2024 | XSS | 0 |
106  106 | Tags that support HTML comments | hackvertor | 1/26/2025 | XSS | 0 |
| Break out of CSS strings | hackvertor | 4/4/2024 | HTML | 0 |
| Characters that act as quotes or whitespace | hackvertor | 4/13/2024 | HTML | 0 |
| Entities that convert to greater than in a iframe srcdoc | hackvertor | 8/1/2024 | XSS | 0 |
| All events on window | hackvertor | 5/31/2024 | JS | 1 |
| Characters ignored in an attribute name | hackvertor | 5/28/2024 | XSS | 0 |
| Characters allowed in-between operators | hackvertor | 4/14/2024 | JS | 2 |
1 1 | XSS vectors that execute automatically inside svg | hackvertor | 4/17/2024 | XSS | 0 |
| Tags that get reordered in the DOM | hackvertor | 1/21/2025 | XSS | 0 |
| Characters that act as attribute quotes | hackvertor | 5/28/2024 | XSS | 0 |
| Characters ignored in strings when doing a non strict comparison | hackvertor | 6/18/2024 | JS | 0 |
| Characters that act as attribute quotes copy | freddyb | 5/31/2024 | XSS | 0 |
