An XSS payload that bypasses Akamai WAF has been reported. The payload used is '></div></div><brute%20onbeforescriptexecute=%27confirm(document.domain)%27>'. It places an onbeforescriptexecute event handler on a <brute> element; when the request is not blocked, the handler runs confirm(document.domain), which shows the document domain as proof of script execution. Security researchers should be aware of this bypass when testing Akamai WAF configurations for XSS vulnerabilities. #bugbountytips #bugbounty
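For defenders, the following added example (not from the original tweet, and not Akamai's code) runs the payload quoted above through two checks: a constructed, deliberately narrow tag/handler blocklist, and a generic check that flags any on* attribute on any element name after percent-decoding. The blocklist contents and all function names are assumptions made for illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import unquote

# Payload exactly as quoted on this page.
PAGE_PAYLOAD = "'></div></div><brute%20onbeforescriptexecute=%27confirm(document.domain)%27>'"

# Constructed, deliberately narrow blocklist for contrast (NOT Akamai's rules):
# it only knows a few tag names and a few handler names.
NAIVE_BLOCKLIST = re.compile(
    r"<(script|img|svg|body|iframe)\b[^>]*\bon(error|load|click|mouseover)\s*=",
    re.IGNORECASE,
)

def decode_fully(value, max_rounds=3):
    """Percent-decode repeatedly so %27 and %2527 normalise to the same text."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

class _HandlerFinder(HTMLParser):
    """Collects (tag, attribute) for every on* attribute on ANY element name."""
    def __init__(self):
        super().__init__()
        self.hits = []

    def handle_starttag(self, tag, attrs):
        for name, _value in attrs:
            if len(name) > 2 and name.startswith("on"):
                self.hits.append((tag, name))

def naive_blocklist_hit(raw):
    """True if the narrow tag/handler blocklist matches the decoded input."""
    return bool(NAIVE_BLOCKLIST.search(decode_fully(raw)))

def find_inline_handlers(raw):
    """Return (tag, handler) pairs found in the decoded input."""
    finder = _HandlerFinder()
    finder.feed(decode_fully(raw))
    finder.close()
    return finder.hits

if __name__ == "__main__":
    print("naive blocklist hit:", naive_blocklist_hit(PAGE_PAYLOAD))
    print("generic handler check:", find_inline_handlers(PAGE_PAYLOAD))
```

Python's html.parser does not tokenize exactly as a browser does, so treat this as a log-triage or test-harness check; output encoding and a Content Security Policy remain the primary controls.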
For more insights, check out the original tweet here: https://twitter.com/KonwarAbhi98099/status/1812725604623712625