Persistent XSS (unvalidated Open Graph embed) at LinkedIn.com

Stored XSS in LibreOffice

Persistent XSS on Microsoft Bing.com by poisoning Bingbot indexing

Canary Token OSS Security Audit Report (Q2 2024)

Type confusion attacks in ProseMirror editors

Self-XSS to ATO via Site Features