Uncommon Vulnerabilities

Cross-Site Script Inclusion (XSSI)

• https://www.hacksplaining.com/prevention/xssi
• https://book.hacktricks.xyz/pentesting-web/xssi-cross-site-script-inclusion
• https://github.com/luh2/DetectDynamicJS

XS-Search / XS-Leaks

• https://book.hacktricks.xyz/pentesting-web/xs-search
• https://cheatsheetseries.owasp.org/cheatsheets/XS_Leaks_Cheat_Sheet.html
• https://xsleaks.dev/
• https://xsinator.com/

CSS Injection

• https://book.hacktricks.xyz/pentesting-web/xs-search/css-injection