Reflected XSS into HTML context with nothing encoded
Stored XSS into HTML context with nothing encoded
DOM XSS in document.write sink using source location.search
DOM XSS in innerHTML sink using source location.search
DOM XSS in jQuery anchor href attribute sink using location.search source
DOM XSS in jQuery selector sink using a hashchange event
Reflected XSS into attribute with angle brackets HTML-encoded
Stored XSS into anchor href attribute with double quotes HTML-encoded
Last updated 9 months ago