A WAF bypass for Cloudflare has been discovered using a payload that finishes open function calls from jQuery, executes an alert as proof of concept, and then finishes the original script tag. This payload can be used to execute a cross-site scripting (XSS) attack bypassing Cloudflare's protection. More details can be found at https://t.co/1ylY8sm0ac
Original tweet: https://twitter.com/harshleenchawl2/status/1796101398058410233