The tweet mentions a Cross-site Scripting (XSS) vulnerability that was reported via YesWeHack platform. The specific type of XSS mentioned is Reflected (CWE-79). The tweet also thanks @zhero___ for helping in bypassing the WAF. Since the WAF vendor is not specified, further details about the WAF bypass are not provided. It's important to know the details of the bypass technique in order to analyze the vulnerability and the impact on the WAF security.
Original tweet: