A XSS WAF bypass was successfully performed on Amazon/Cloudflare WAF. The payload used was <details x=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx:2 open ontoggle="prompt(document.cookie);">. This bypass allowed executing a JavaScript prompt to steal the user's cookies. For more details, check out the blog post.
Check out the original tweet here: https://twitter.com/coffinxp7/status/1798613214173008131