A bypass for Cloudfront WAF for stored XSS was shared on Twitter. The only working payload is ‘<img src=x onerror=””>,<a href=https://google(.)com>’. The WAF is blocking JavaScript functions like alert(),prompt(),confirm(),print(), and the content type is JSON, preventing the use of double quotes.
brother can u dm need help bypass cloufront for stored XSS only thing work is <img src=x onerror="">,<a href=https://google(.)com>, the waf blocking alert(),prompt(),confirm(),print(), and the content type is json thats why cant add (")
— Arour_mohamed (@Arourmohamed01) February 29, 2024