window.open(url, name) is vulnerable to XSS with name collision · Issue #262 · w3c/html · GitHub

Xiaoran Wang (xiaoran@attacker-domain.com) This is a joint research with Travis Safford. window.open(url, name, [args]) makes it easy for websites accepting user supplied URLs to be vulnerable when attackers can cause a collision on the

10 Practical scenarios for XSS attacks

Automating Discovery and Exploiting DOM (Client) XSS Vulnerabilities using Sboxr — Part 3, by Riyaz Walikar

DOM-based cross-site scripting (DOM_XSS) issue found in angular.js in Coverity scan · Issue #17045 · angular/angular.js · GitHub

When `window.name` is evaluated #xss · GitHub

AppSec-Labs, Application Security

GitHub - cak/XSS-Challenge: A simple Cross-Site Scripting (XSS) challenge with multiple contexts and filters.

Missing required argument $name · Issue #294 · Smile-SA/elasticsuite · GitHub

Open-Redirect-Payloads/Open-Redirect-payloads.txt at master · cujanovic/Open-Redirect-Payloads · GitHub

JNDI-Related Vulnerability Discovered in H2 Database Console

eclipse - The type org.openqa.selenium.chrome.ChromeDriver is not accessible - Stack Overflow

writeups/bug.md at main · tess-ss/writeups · GitHub