Xss

Reflected XSS via dom clobbering

Arbitrary JS execution through improperly implemented Excel formulas

Arbitrary JS execution via prototype poisoning and unicode surrogate pair characters.

Achieving sensitive data leak via XSS

Achieving arbitrary javascript execution via prototype pollution

Exposing the hidden flag via improper sanitization of HTML and Chrome developer protocol