This tweet discusses a common XSS payload for bypassing WAFs. The payload <IMG SRC=JaVaScRiPt:alert('XSS')> is used to execute an alert('XSS') JavaScript code. The tweet emphasizes the importance of uppercase letters in payloads for XSS opportunities. The technical details and usage of this payload are explained in a blog post at https://t.co/IKV4g1hnK1
Original tweet: https://twitter.com/emancbb/status/1815116902114500789