Ecosyste.ms: Issues

An open API service for providing issue and pull request metadata for open source projects.

GitHub / portswigger/xss-cheatsheet-data issues and pull requests

#74 - upper-case transformation by the server

Issue - State: closed - Opened by Hipapheralkus about 1 month ago - 1 comment

#73 - Added onstalled event handler to events.json

Pull Request - State: closed - Opened by Amrit-prasad 4 months ago - 1 comment

#72 - Add "oncancel" Event Handler

Issue - State: closed - Opened by ghost 4 months ago - 1 comment

#71 - Additional JavaScript Event Handlers

Issue - State: closed - Opened by ghost 4 months ago - 5 comments

#70 - Add some cases to replace spaces in attribute context.

Pull Request - State: closed - Opened by isacaya 5 months ago - 1 comment

#69 - Update prototype-pollution.json

Pull Request - State: closed - Opened by SecDev0ps 5 months ago - 1 comment

#68 - Add onwaiting event

Pull Request - State: closed - Opened by Osb0rn3 5 months ago

#67 - Adding onstalled event XSS payload.

Issue - State: closed - Opened by SMHTahsin33 5 months ago - 2 comments

#65 - New XSS webkit Event.

Issue - State: closed - Opened by SMHTahsin33 5 months ago - 3 comments

#64 - Some New XSS events to the list

Issue - State: closed - Opened by ZhenwarX 5 months ago - 1 comment

#63 - Add onwebkitplaybacktargetavailabilitychanged event - no user interaction

Pull Request - State: closed - Opened by Osb0rn3 5 months ago - 1 comment

#62 - autofocus on elements with tabindex=1 fires onfocus event directly

Issue - State: closed - Opened by filipnyquist 5 months ago - 2 comments

#61 - Attribute 'start' in the <ol> tag to trigger an alert.

Issue - State: closed - Opened by TaurusOmar 7 months ago - 1 comment

#60 - Remove Firefox-only marquee events after v126 releases

Pull Request - State: closed - Opened by evilpie 7 months ago

#59 - PDF

Issue - State: closed - Opened by wtconsulting 8 months ago - 3 comments

#58 - Add onpointercancel - requires user interaction

Issue - State: closed - Opened by wcraft-log 8 months ago - 1 comment

#57 - onwaiting can be fired with user interaction.

Issue - State: closed - Opened by hackvertor 8 months ago - 3 comments

#56 - Add onformdata - requires user interaction

Issue - State: closed - Opened by hansmach1ne 9 months ago - 6 comments

#55 - Add ondragexit - requires user interaction

Issue - State: closed - Opened by hansmach1ne 9 months ago - 2 comments

#54 - Add onsuspend event - no user interaction

Issue - State: closed - Opened by hansmach1ne 9 months ago - 2 comments

#53 - Better onloadstart payload for newer firefox versions and other browsers

Issue - State: closed - Opened by hansmach1ne 9 months ago - 2 comments

#52 - Add onstalled eventhandler method - no user interaction

Issue - State: closed - Opened by hansmach1ne 9 months ago - 5 comments

#51 - Exploiting [unexploitable XSS] in Microsoft Edge

Issue - State: closed - Opened by myuyu about 1 year ago - 2 comments

#50 - XSS attack using the constructor property

Issue - State: closed - Opened by LRTK-CODER about 1 year ago - 1 comment

#48 - [QUESTION] classic.json payloads are too old to reproduce?

Issue - State: closed - Opened by leveryd over 1 year ago - 1 comment

#47 - Add \x0a-\x0f

Issue - State: closed - Opened by alessandrorumampuk over 1 year ago - 2 comments

#46 - XSS payload with alert obfuscate

Issue - State: closed - Opened by paragbagul111 over 1 year ago - 1 comment

#45 - Fix browsers compliance and add new vectors (no parentheses)

Pull Request - State: closed - Opened by yanncam almost 2 years ago - 1 comment

#44 - Re-add older credits?

Issue - State: closed - Opened by mornau almost 2 years ago - 2 comments

#43 - XSS payload with custom tag (without needing the hash)

Issue - State: closed - Opened by xhzeem almost 2 years ago - 2 comments

#42 - AngularJS sandbox escapes reflected

Issue - State: closed - Opened by sp3xsr almost 2 years ago - 8 comments

#41 - (merge after December 13th) Move loadstart and loadend event to the XSS crypt

Pull Request - State: closed - Opened by mozfreddyb almost 2 years ago - 3 comments

#40 - xss payload when devloper block alert method

Issue - State: closed - Opened by paragbagul111 about 2 years ago - 2 comments

#38 - Incorrect file format

Issue - State: closed - Opened by EffectivelyEfficient about 2 years ago - 1 comment

#37 - Add onbeforeinput event

Pull Request - State: closed - Opened by l4yton about 2 years ago

#35 - filtered list

Issue - State: closed - Opened by AM0TZ over 2 years ago - 5 comments

#34 - Add ononline & onoffline events

Pull Request - State: closed - Opened by dwisiswant0 over 2 years ago

#33 - New XSS vector `onoffline` & `ononline`

Issue - State: closed - Opened by dwisiswant0 over 2 years ago - 1 comment

#32 - New XSS Vector `onratechange`

Issue - State: closed - Opened by dwisiswant0 over 2 years ago - 3 comments

#31 - Update vuejs.json, inserting cases with non default delimiters

Pull Request - State: closed - Opened by f-min over 2 years ago - 6 comments

#30 - XSS Without ">" #2

Issue - State: closed - Opened by alessandrorumampuk over 2 years ago - 1 comment

#29 - Added xss payload without (){}":;,.'

Pull Request - State: closed - Opened by ladecruze almost 3 years ago - 1 comment

#28 - Add slot-scope gadget

Pull Request - State: closed - Opened by davwwwx almost 3 years ago - 1 comment

#27 - [Impossible Labs] Reg. Addition to the lab

Issue - State: closed - Opened by tarunkant about 3 years ago - 4 comments

#26 - discard tag missing from list of tags

Issue - State: closed - Opened by Sanduuz about 3 years ago - 1 comment

#25 - Display browser compatibility for all sections

Issue - State: closed - Opened by jkmartindale over 3 years ago - 2 comments

#24 - XSS Without ">"

Issue - State: closed - Opened by alessandrorumampuk over 3 years ago - 5 comments

#23 - XSS cookie exfiltration without parentheses, backticks or quotes

Issue - State: closed - Opened by the-xentropy over 3 years ago - 4 comments

#22 - Added DOM AngularJS sandbox escape (1.4.2-1.5.8)

Pull Request - State: closed - Opened by kachakil-av over 3 years ago - 1 comment

#21 - copy payloads to clipboard

Issue - State: closed - Opened by ghanisol over 3 years ago - 2 comments

#20 - javascript://%0A

Issue - State: closed - Opened by ngyikp over 3 years ago - 8 comments

#19 - Knockout.js prototype pollution gadget

Issue - State: closed - Opened by securityMB almost 4 years ago - 2 comments

#18 - Extension template

Issue - State: closed - Opened by michaelkruglos almost 4 years ago - 1 comment

#17 - Fix browsers list for text/xsl content-type

Pull Request - State: closed - Opened by BlackFan about 4 years ago

#16 - impossible lab

Pull Request - State: closed - Opened by nerdyamigo over 4 years ago - 3 comments

#15 - Update angularjs.json

Pull Request - State: closed - Opened by gadhiyasavan over 4 years ago - 2 comments

#14 - Added shorter Vuejs payload

Pull Request - State: closed - Opened by p4fg over 4 years ago - 1 comment

#13 - Move `isindex` to classic

Pull Request - State: closed - Opened by diofeher over 4 years ago - 1 comment

#12 - Copy & Paste XSS-es

Issue - State: closed - Opened by securityMB over 4 years ago - 1 comment

#11 - [impossible XSS] Attribute length 20 chars - arbitrary code

Issue - State: closed - Opened by dostoevskylabs over 4 years ago - 6 comments

#10 - Update vuejs.json

Pull Request - State: closed - Opened by 0xTeles over 4 years ago

#9 - Impossible XSS - Basic Context - Length Limit 18 - Arbitrary Code

Issue - State: closed - Opened by stayanonymous over 4 years ago - 1 comment

#8 - Adding vue.js specific payloads

Pull Request - State: closed - Opened by LewisArdern over 4 years ago - 2 comments

#7 - Is this worth adding?

Issue - State: closed - Opened by shhnjk almost 5 years ago - 2 comments

#6 - add onpointer* , ontouch* pattern

Pull Request - State: closed - Opened by hahwul almost 5 years ago - 2 comments

#5 - Hieroglyphy obfuscation

Pull Request - State: closed - Opened by theMiddleBlue about 5 years ago - 4 comments

#4 - Adds window.name references

Pull Request - State: closed - Opened by Simpsonpt about 5 years ago - 1 comment

#3 - WAF bypass using JavaScript global object

Pull Request - State: closed - Opened by theMiddleBlue about 5 years ago - 8 comments

#2 - license prevents collaboration & community involvement

Issue - State: closed - Opened by mozfreddyb about 5 years ago - 5 comments

#1 - Firefox null byte issues fixed in Firefox 70

Pull Request - State: closed - Opened by mozfreddyb about 5 years ago - 2 comments