A bypass for Cloudflare WAF has been identified for XSS vulnerability. The payload used is '3=> <a HREF="%26%237 javascrip%26%239t: alert%261par;document .domain) *>' which can evade Cloudflare's protection. This bypass can lead to executing malicious scripts on the target application. Additional payloads for bypass also include 'alert(1)' and ' onmouseover=prompt(1)//'. Security administrators should be aware of these bypass techniques to enhance WAF protection.
Check out the original tweet here: https://twitter.com/WExploiters/status/1882637887499649384