A new XSS bypass has been discovered for Cloudflare WAF. The payload used for bypass is %3CSVG/oNlY=1%20ONlOAD=confirm(document.domain)%3E. This bypass allows an attacker to execute malicious scripts on the target website. More details on this bypass can be found on the following link: https://t.co/2RtYdUQvgL
For more details, check out the original tweet here: https://twitter.com/_wezoomagency/status/1781178822605341094