A payload that bypasses Amazon WAF and triggers XSS has been found. The bypass payload used is '<details x=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx:2 open ontoggle="prompt(document.cookie);">'. Because the details element carries the open attribute, the browser fires its toggle event as soon as the element is rendered, and the ontoggle handler calls prompt() with the value of the document.cookie property, showing the page's script-readable cookies in a dialog. It is recommended to apply appropriate security measures to mitigate XSS vulnerabilities in deployments that rely on Amazon WAF.
For more details, check out the original tweet here: https://twitter.com/coffinxp7/status/1798285648547471739
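
The payload only works if the markup is parsed, the inline handler is allowed to run, and the cookie is readable from script. The following added example (not from the original tweet or from AWS) shows application-side controls for each of those three points, independent of any WAF rule; the reflected parameter, function names and session value are assumptions made for illustration.

```javascript
// Added example, not from the original post. Assumption: a service reflects a
// user-supplied search query into an HTML body context.

// Constructed input with the same shape as the payload quoted in the post.
const SAMPLE_INPUT =
  "<details x=" + "x".repeat(40) + ':2 open ontoggle="prompt(document.cookie);">';

const HTML_ESCAPES = {
  "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;",
};

// Layer 1: encode for the HTML body / quoted-attribute context, so the browser
// renders the input as text instead of parsing it as a <details> element.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Layer 2: a CSP without 'unsafe-inline' stops inline event-handler attributes
// such as ontoggle from running even if markup does reach the page.
// Layer 3: an HttpOnly session cookie is not exposed through document.cookie.
// sessionId is assumed to be a server-generated token of cookie-safe characters.
function securityHeaders(sessionId) {
  return {
    "Content-Type": "text/html; charset=utf-8",
    "Content-Security-Policy":
      "default-src 'self'; script-src 'self'; object-src 'none'; base-uri 'none'",
    "Set-Cookie": `sid=${sessionId}; HttpOnly; Secure; SameSite=Lax; Path=/`,
  };
}

// Build the response for a search page that echoes the query back to the user.
function renderSearchPage(query, sessionId) {
  const body =
    "<!doctype html><title>Search</title>" +
    `<p>Results for: ${escapeHtml(query)}</p>`;
  return { headers: securityHeaders(sessionId), body };
}

const page = renderSearchPage(SAMPLE_INPUT, "constructed-session-id");
console.log(page.headers["Content-Security-Policy"]);
console.log(page.body);
```

escapeHtml covers HTML body and quoted-attribute contexts only; values placed inside script blocks, URLs or unquoted attributes need the encoder for that context.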