A new XSS payload has been discovered to bypass Akamai WAF protection. This payload utilizes the foobar parameter with a special onclick event handling. The payload can be injected into any tag and any event handler. Security researchers should be aware of this bypass to enhance WAF protection against XSS vulnerabilities.
Original tweet: https://twitter.com/XssPayloads/status/1788748656390058340