A technique for bypassing WAFs using Burp Repeater has been discovered. By encoding payloads into UTF-16, attackers can bypass basic input validation, and the technique can potentially evade detection by certain WAF rules. WAF administrators should be aware of this bypass and adjust their rules accordingly to mitigate the risk of attacks that use this method.
Bypass WAF using Burp Repeater – Unicode Encoding
Encode payloads into UTF-16 to bypass basic input validation. pic.twitter.com/yOo2GHcXuw
— Gospel Chukwunonso (@cyb3rf034r3ss) February 3, 2025
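
The defensive side of the point above, as an added example that is not part of the original post: a filter that matches a signature against raw bytes misses a UTF-16 body, while one that decodes every plausible charset before matching catches it. The signature, the function names and the sample bodies are constructed for illustration and stand in for whatever rules a given WAF applies.

```python
import codecs
import re

# Constructed signature standing in for a single WAF rule (assumption).
SIGNATURE = re.compile(r"<script\b", re.IGNORECASE)

BOMS = ((codecs.BOM_UTF16_LE, "utf-16-le"), (codecs.BOM_UTF16_BE, "utf-16-be"))


def naive_inspect(body):
    """Match the signature against the raw bytes, as basic input validation does."""
    return bool(SIGNATURE.search(body.decode("latin-1")))


def candidate_decodings(body, declared_charset=None):
    """Yield each text form the backend might plausibly decode the body into."""
    yield body.decode("utf-8", errors="replace")
    if declared_charset:
        try:
            yield body.decode(declared_charset, errors="replace")
        except (LookupError, UnicodeError):
            pass  # unknown or non-text charset label; other candidates still apply
    for bom, encoding in BOMS:
        if body.startswith(bom):
            yield body[len(bom):].decode(encoding, errors="replace")
    # Heuristic for UTF-16 without a BOM: mostly-ASCII text has a NUL
    # in every other byte position.
    if len(body) >= 4 and len(body) % 2 == 0:
        threshold = len(body) // 4
        if body[1::2].count(0) > threshold:
            yield body.decode("utf-16-le", errors="replace")
        if body[0::2].count(0) > threshold:
            yield body.decode("utf-16-be", errors="replace")


def normalized_inspect(body, declared_charset=None):
    """Apply the signature to every candidate decoding; any hit blocks the request."""
    return any(SIGNATURE.search(text)
               for text in candidate_decodings(body, declared_charset))


# Constructed sample bodies.
PLAIN = b"q=<script>"
UTF16_LE = "q=<script>".encode("utf-16-le")
UTF16_BE_BOM = codecs.BOM_UTF16_BE + "q=<script>".encode("utf-16-be")
BENIGN_UTF16 = "q=hello".encode("utf-16-le")

if __name__ == "__main__":
    for name, body in (("plain", PLAIN), ("utf-16-le", UTF16_LE),
                       ("utf-16-be+bom", UTF16_BE_BOM), ("benign", BENIGN_UTF16)):
        print(name, naive_inspect(body), normalized_inspect(body))
```

The NUL-byte heuristic is only a fallback; where the application accepts a single charset, rejecting any request that declares or carries another is the stricter control.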