https://www.owasp.org/index.php/Cross-site_Scripting_(XSS)
- Hacker101 - XSS Tutorial
- Acunetix - Cross-site Scripting (XSS) Attackl
- A timing attack with CSS selectors and Javascript
- Google Stored XSS in Payments
- Blind XSS in one of the Admin Dashboard
- Stored XSS on Thousands of Webshops
- Reflected XSS on https://www.zomato.com
- Reflected XSS on $Any$.myshopify.com/admin
- XSS [flow] - on www.paypal.com/paypalme/my/landing
- Cross-Site Scripting to Local File Inclusion on Trello’s App
- hxp CTF 2018: µblog walkthrough