A tweet mentioned difficulties in bypassing WAFs for XSS attacks. The payload used for bypassing is <script>alert('Bypassed WAF')</script>. This bypass technique affects various WAF vendors. A blog post detailing the technical aspects of this XSS bypass, including the vendor-agnostic approach and strategies to overcome WAF blocking, is recommended.
For more details, check out the original tweet here: https://twitter.com/MiniMjStar/status/1802797454653350237