An actual XSS on google.com by Masato Kinugawa. It abuses a parser differential between a JavaScript enabled and disabled context.

Discover by Web Vulnerabilities

This category is about common web applocation vulnerability patterns like XSS, CSRF, SSRF and more.