window.open(url, name) is vulnerable to XSS with name collision · Issue #262 · w3c/html · GitHub

Xiaoran Wang (xiaoran@attacker-domain.com) This is a joint research with Travis Safford. window.open(url, name, [args]) makes it easy for websites accepting user supplied URLs to be vulnerable when attackers can cause a collision on the

Node · GitHub

Offensive-Payloads/Cross-Site-Scripting-XSS-Payloads.txt at main · InfoSecWarrior/Offensive-Payloads · GitHub

Add support for inline JS/CSS with #attached [#2391025]

Connecting to WebDAV server on Microsoft Windows

Automating Discovery and Exploiting DOM (Client) XSS Vulnerabilities using Sboxr — Part 3, by Riyaz Walikar

JNDI-Related Vulnerability Discovered in H2 Database Console

Persistent XSS (unvalidated Open Graph embed) at LinkedIn.com, by Jonathan Bouman

GitHub - s0md3v/AwesomeXSS: Awesome XSS stuff

Security: window.open(url, name) is vulnerable to XSS with name collision · Issue #1509 · whatwg/html · GitHub

java - Xss Vulnerability - Stack Overflow

GitHub - Snorlyd/https-nj.gov---CVE-2020-11022: Vulnearability Report of the New Jersey official site