A new WAF bypass technique using JSFuck has been discovered for Cloudflare WAF. This bypass allows an attacker to evade the security controls of the WAF and execute cross-site scripting (XSS) attacks. The use of JSFuck encoding helps obfuscate the payload, making it harder for the WAF to detect. Security researchers and bug hunters should be aware of this bypass and take necessary precautions. For more details, check out the tweet: https://t.co/MiM07GomEE
Original tweet: https://twitter.com/0x0SojalSec/status/1879608265375641843