(html comment removed: JavaScript in a web worker )
(html comment removed: Script in an iframe srcdoc )
(html comment removed: Exploiting innerHTML property )
(html comment removed: Using eval inside a setInterval )
(html comment removed: Exploiting CSS content property )
(html comment removed: HTML5 postMessage )
(html comment removed: JavaScript in XML )
(html comment removed: Injecting JavaScript via history.pushState )
');(html comment removed: iframe sandbox attribute bypass )
(html comment removed: Audio tag with onloadeddata )
(html comment removed: Script inside an SVG file )
(html comment removed: Using .innerHTML with template literals )
(html comment removed: CSS :hover pseudo-class )
(html comment removed: XSS via JavaScript URL in CSS )
(html comment removed: XSS via script in JSONP response )
(html comment removed: iframe srcdoc with meta refresh )
<iframe srcdoc="" />(html comment removed: HTML5 data attribute with event handler )
(html comment removed: Inline SVG with onload event )
(html comment removed: Using document.write )
(html comment removed: JavaScript in a flash object (legacy) )
(html comment removed: CSS escape sequences )