A Cloudflare WAF bypass was discovered with the payload %3CSVG/oNlY=1%20ONlOAD=confirm(document.domain)%3E. This payload exploits a Cross-Site Scripting (XSS) vulnerability. It allows an attacker to execute arbitrary JavaScript code on the victim's browser. Detailed technical information can be found in the blogpost at https://yourblog.com.
Original tweet: https://twitter.com/XssPayloads/status/1781903154063310934
Subscribe for the latest news: