 4 | Entities allowed between two forward slashes | InsertScript | 9/19/2024 | XSS | 1 |
| Characters allowed in colon entity | InsertScript | 9/19/2024 | XSS | 0 |
| Character that closes HTML tag | InsertScript | 4/2/2024 | HTML | 0 |
1 | characters allowed between exclamation mark and greater then | InsertScript | 6/18/2024 | HTML | 0 |
| characters after slash that make a http protocol | InsertScript | 4/3/2024 | XSS | 0 |
| Character allowed after onerror event | InsertScript | 4/2/2024 | XSS | 0 |
| JavaScript separators between function names | InsertScript | 4/2/2024 | JS | 0 |
| HTML-Encoded Attribute Escape | IDKdir | 7/13/2024 | XSS | 0 |
6  6 | ToUpperCase Improper Character Morphing | IDKdir | 7/13/2024 | JS | 1 |
1143 | Mutated XSS Attributes | IDKdir | 7/13/2024 | XSS | 0 |
| Host | IDKdir | 7/15/2024 | JS | 0 |
| React DOM src | IDKdir | 7/15/2024 | JS | 0 |
29 | Non-standard characters that break JSON.parse() | DreyAnd | 11/15/2024 | JS | 1 |
8 | Characters that expand upon toUpperCase() | DreyAnd | 4/10/2024 | JS | 0 |
1 1 | < removal bypass | Device1306 | 10/9/2024 | HTML | 0 |
| JavaScript Scheme starting with https:// | BinaryScary | 6/28/2024 | JS | 4 |
| JavaScript Scheme starting with http | BinaryScary | 7/16/2024 | JS | 1 |
1 | Characters that can break out of an inline style with double quotes | 0xdef1ant | 7/13/2024 | XSS | 0 |
1 | Characters that can break out of an inline style with single quotes | 0xdef1ant | 7/13/2024 | XSS | 0 |
1 | Characters that can break out of an inline style background-image url | 0xdef1ant | 7/13/2024 | XSS | 1 |
