The ability to execute scripts in CSS is particularly useful not only when injection points lay inside style tag/attribute, but it also helps exploit Relative Path Overwrite (RPO) and perhaps other attack scenario (e.g. <input type="hidden">). As browser vendors are taking security serious than ever before, relevant tricks start to fade away. Besides, there is no dedicated page for documenting tho