I discovered a bypass for KNOXSS WAF that allows an XSS attack by using the payload ‘</<K<Svg Onload=alert(1)>’. This payload exploits a vulnerability in the WAF’s handling of SVG tags, allowing an attacker to execute arbitrary JavaScript code. For more details, check out my blog post at [insert blog post URL]. #XSS #WAF #Bypass #CyberSecurity
For more insights, check out the original tweet here: https://twitter.com/seke4l/status/1746858039636824167. And don’t forget to follow @seke4l for more exciting updates in the world of cybersecurity.