A new XSS bypass was discovered affecting AWS WAF. The payload <script>alert(1)</script> was successfully used to bypass the protection. Detailed technical information can be found in the blogpost.
For more insights, check out the original tweet here: https://twitter.com/Vecoyenka/status/1907840135921631240. And don’t forget to follow @Vecoyenka for more exciting updates in the world of cybersecurity.