WAF bypass by grumpzsux

Date: May 20, 2024Author: wafbypass

A new XSS bypass for Cloudflare WAF has been discovered. The payload used is %3CSVG/oNlY=1%20ONlOAD=confirm(document.domain)%3E. This bypass allows executing a domain confirmation. Credit to @akaclandestine. #bugbountytip #BugBounty #bugbountytips
For more insights, check out the original tweet here: https://twitter.com/grumpzsux/status/1784432507565625672

Subscribe for the latest news:

Web application firewalls bypasses collection and testing tools

How to test, evaluate, compare, and bypass web application and API security solutions like WAF, NGWAF, RASP, and WAAP

WAF bypass by grumpzsux