The tweet mentions a Stored XSS vulnerability bypassing a Web Application Firewall using a unique method of Characters Limitation Bypass. The tweet doesn't specify the WAF vendor. It would be interesting to know more technical details about this bypass such as the specific payload used, the impact of the bypass, and any mitigations.
For more insights, check out the original tweet here: https://twitter.com/MarcBacker13025/status/1818748543709909382. And don’t forget to follow @MarcBacker13025 for more exciting updates in the world of cybersecurity.