A new XSS WAF bypass technique has been discovered using multi-char HTML entities. The payload includes the following translations:

fj translates to fj
&amp;nvgt; translates to < + [?]
&amp;nvlt; translates to > + [?]

This technique can be used to bypass various WAFs. For more details, visit the Unicode symbol link: https://t.co/RKNR6gnqL4
For more details, check out the original tweet here: https://twitter.com/therceman/status/1803666353892585642