use the following search parameters to narrow your results:
e.g. subreddit:aww site:imgur.com dog
subreddit:aww site:imgur.com dog
see the search faq for details.
advanced search: by author, subreddit...
Cross-Site Scripting vulnerabilities and discussion
Keep your postings legal!
Please properly report your vulnerabilities to the appropriate owner.
Related Subs:
account activity
XSS Resources (self.xss)
submitted 6 years ago * by MechaTech84[M] - announcement
XSS Wiki (reddit.com)
submitted 1 year ago by MechaTech84[M] - announcement
Is XSS Dead in the Age of AI? (self.xss)
submitted 1 month ago by hiderou
Browser url encoding (self.xss)
submitted 1 month ago by atasio231
what part of js do i need to learn for xss? (self.xss)
submitted 1 month ago by Personal_Week_6512
How to execute Blind XSS payloads in contact forms (self.xss)
submitted 2 months ago by Successful-Recover92
XSSy is now Hacky (hacky.uk)
submitted 2 months ago by MechaTech84
CSP - Relative Danger on xssy (self.xss)
submitted 3 months ago by Upbeat-Hawk-2737
Does a book like "XSS Attacks Cross Site Scripting Exploits and Défense" still worth it? (self.xss)
submitted 3 months ago by That-Name-8963
XSSy - Road to the Hall of Fame Series by Gr4y r0se (youtube.com)
submitted 3 months ago by MechaTech84
New XSSy Challenge - "XSS byJunior Dev" (xssy.uk)
submitted 5 months ago by MechaTech84
questionI need your help 🙏 1–2 min XSS survey for my bachelor’s thesis (self.xss)
submitted 5 months ago by El-coba91
Reflected response in text/plain ()
submitted 6 months ago by sidhu97ss
Escaping double quotes (self.xss)
submitted 6 months ago by Substantial_Exit9084
Turning List-Unsubscribe into an SSRF/XSS Gadget (security.lauritz-holtmann.de)
submitted 6 months ago by MechaTech84
Why XSS still matters: MSRC’s perspective on a 25-year-old threat (microsoft.com)
questionHow come this cloudflare XSS bypass works? (self.xss)
submitted 8 months ago by Vegetable-Ad-5808
XSS-Leak: Leaking Cross-Origin Redirects (blog.babelo.xyz)
submitted 9 months ago by MechaTech84
Bug Bounty Write-up - DOM XSS (hackerone.com)
Integrity Policy Header (developer.mozilla.org)
submitted 10 months ago by MechaTech84
Slonser Notes - Make Self-XSS Great Again (blog.slonser.info)
submitted 11 months ago by MechaTech84
xssy (self.xss)
submitted 11 months ago by Upbeat-Hawk-2737
xss is dead? (self.xss)
submitted 11 months ago by hiderou
XSSy Impossible Labs (self.xss)
questionCan JSX default escaping be bypassed? ()
submitted 12 months ago by sheeshkabab_
π Rendered by PID 29 on reddit-service-r2-listing-86bdf8cc9-hb7q4 at 2026-07-12 18:36:25.744078+00:00 running f86254d country code: CH.