A Cloudflare WAF bypass for XSS vulnerability was discovered by @Shad0wH3x. The payload used for bypass is <img hrEF="x" sRC="data:x" oNLy=1 oNErrOR=prompt`1`. This bypass combines simple tricks to evade the Cloudflare WAF protection. Security researchers can use this information to understand the bypass techniques and enhance their web application security testing. #bugbountytips #bugbounty
For more details, check out the original tweet here: https://twitter.com/RootMoksha/status/1806447172436594810