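DOM-based (client-side) vulnerability classes, followed by the JavaScript sinks and sources to review for them when they receive untrusted data:
Open redirection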
Client-side XPath injection
Ajax request-header manipulation
Denial of service
Client-side JSON injection
Cookie manipulation
Web message manipulation
DOM-data manipulation
JavaScript injection
Document-domain manipulation
Prototype Pollution
WebSocket-URL poisoning
DOM XSS
Link manipulation
Local file-path manipulation
Client-side SQL injection
HTML5-storage manipulation
eval()
setTimeout()
setInterval()
setImmediate()
execCommand()
execScript()
msSetImmediate()
range.createContextualFragment()
crypto.generateCRMFRequest()
Function()
document.cookie
sessionStorage
sessionStorage.setItem()
localStorage.setItem()
indexedDB.open()
executeSql()
FileReader.readAsDataURL()
FileReader.readAsArrayBuffer()
FileReader.readAsBinaryString()
FileReader.readAsFile()
FileReader.readAsText()
FileReader.root.getFile()
FileReader.root.getFile()
element.href
element.src
element.action
extend() / merge() (deep object-merge helpers; prototype pollution)
location.href
document.referrer
location.search
location.hash
RegExp()
requestFileSystem()
document.write()
document.writeln()
document.domain
element.innerHTML
element.outerHTML
element.insertAdjacentHTML
element.onevent
jQuery add()
jQuery after()
jQuery append()
jQuery animate()
jQuery insertAfter()
jQuery insertBefore()
jQuery before()
jQuery html()
jQuery prepend()
jQuery replaceAll()
jQuery replaceWith()
jQuery wrap()
jQuery wrap()
jQuery wrapInner()
jQuery wrapAll()
jQuery has()
jQuery constructor()
jQuery init()
jQuery index()
jQuery jQuery.parseHTML()
jQuery $.parseHTML()
document.domain
location
window.location
location.host
location.hostname
location.href
location.pathname
location.search
location.protocol
location.assign()
location.replace()
open()
element.srcdoc
XMLHttpRequest.open()
XMLHttpRequest.send()
jQuery.ajax()
$.ajax()
document.evaluate()
element.evaluate()
postMessage()
element.setAttribute()
script.src
script.text
script.textContent
script.innerText
element.setAttribute()
element.search
element.text
element.textContent
element.innerText
element.outerText
element.value
element.name
element.target
element.method
element.type
element.backgroundImage
element.cssText
element.codebase
document.title
document.implementation.createHTMLDocument()
history.pushState()
history.replaceState()
JSON.parse()
jQuery.parseJSON()
$.parseJSON()
XMLHttpRequest.open()
XMLHttpRequest.setRequestHeader()
XMLHttpRequest.send()
jQuery.globalEval()
$.globalEval()
WebSocket()
@infosec_90