You can hide XSS payloads inside SVG or Math elements to bypass XSS sanitizers or WAF filters. This technique can be used to evade detection and execute malicious scripts on vulnerable websites. Be cautious of the security implications of this bypass and ensure proper mitigation strategies are in place to protect against such attacks.
Original tweet: https://twitter.com/wtf_brut/status/1808822068089344254