A new XSS bypass technique was discovered for AWS WAF. The payload <script>alert('XSS bypass')</script> successfully evades the WAF's protection. This bypass can be used to execute malicious scripts on vulnerable websites. For more technical details, refer to the blogpost.
For more details, check out the original tweet here: https://twitter.com/BRuteLogic/status/1866460498784305556