The tweet mentions the lack of urgency in addressing XSS vulnerabilities due to the presence of a WAF. It highlights the misconception that WAF alone can fully protect against all attacks. Regular reports of WAF bypass incidents emphasize the importance of a comprehensive security approach. Security personnel should not overlook the significance of addressing vulnerabilities like XSS, as WAFs may not provide complete protection.
Original tweet: https://twitter.com/igz0/status/1925896270616449340