All VectorsVector nameUser Created Type Likes 5 5 5 5Characters allowed before after onerror eventst0xodile10/23/2025XSS1 1 1 1 1Electron XSS TESTP4rkJW10/22/2025HTML0 1 1 1 1Characters allowed in between @importbribes10/19/2025XSS0 1 1 1 1dsqdNikolaT3esla10/1/2025HTML0 7 7 7 7Closing title tag name separatorsola4569/15/2025XSS0 1 1 1 1masato - braves parsing finding entity testInsertScript8/3/2025XSS1 1 1 1 1masato - braves parsing finding valid charactersInsertScript8/3/2025XSS1 1 1 1 1masato - braves parsing finding valid attributesInsertScript8/3/2025XSS1 1 1 1 1masato - braves parsing findingInsertScript8/3/2025XSS1 106 106 106 106Named HTML entities that can be closed with !avlidienbrunn7/29/2025XSS2 1 1 1 1Characters cause self closing taghackvertor7/23/2025XSS0 2 2 2 2Characters ignored following slash in self closing taghackvertor7/23/2025XSS1⚠ Browser differences 67 65 67 67Characters allowed inside javascript protocol and still returns the hostnameRenwaX237/21/2025JS3 25 25 25 25Characters allowed after a biginthackvertor7/18/2025JS0 31 31 31 31Characters allowed either side of a variable assignmenthackvertor7/18/2025JS0 25 25 25 25Characters allowed after throw statementhackvertor7/14/2025JS0 82 82 82 82encodeURI() not encoded with %forglockenspielexact7/11/2025JS1 65.4k 65.4k 65.4k 65.4kCharacters encoded by escape()JorianWoltjer7/4/2025JS1 63.4k 63.4k 63.4k 63.4kCharacters encoded by encodeURI()JorianWoltjer7/4/2025JS1 63.4k 63.4k 63.4k 63.4kCharacters encoded by encodeURIComponent()JorianWoltjer7/4/2025JS1Found 253 recordsPage 2 of 13«12345678910»
