An XSS payload was identified to bypass some WAF filters in Firefox. The payload used is <input accesskey=X onclick="self['wind'+'ow']['one'+'rror']=alert;throw 1337;". This payload exploits a vulnerability in Firefox WAF filters allowing an attacker to execute arbitrary JavaScript code. This bypass highlights a potential security risk for websites using Firefox WAF that may be susceptible to XSS attacks. Security professionals are advised to be vigilant when using Firefox WAF and implement additional security measures to mitigate such vulnerabilities. #infosec #cybersec #bugbountytips
For more insights, check out the original tweet here: https://twitter.com/HackingTeam777/status/1853687969795788805