WAF bypass XSS by therceman

Bug Bounty Hint

GBK Encoding / MultiByte Attack

? = %E5%98%8A = \u560a ? %0A
? = %E5%98%8D = \u560d ? %0D
? = %E5%98%BE = \u563e ? %3E (>)
? = %E5%98%BC = \u563c ? %3C (<)
? = %E5%98%A2 = \u5622 ? %22 (‘)
? = %E5%98%A7 = \u5627 ? %27 (“)

For XSS, CRLF, WAF bypass