A bypass for a WAF in HTML scenario has been discovered for XSS vulnerability. The payload used for bypass is <A HRef=\" AutoFocus OnFocus=top/**/?.['al'%2B'ert'](1)>. This bypass makes XSS attacks easy. More details can be found in the tweet by @KN0X55. Sign up now! https://t.co/nNqODwzUC0
For HTML scenarios
by @KN0X55<A HRef=" AutoFocus
OnFocus=top/**/?.['al'%2B'ert'](1)>Sign up now!https://t.co/nNqODwzUC0#XSS made easy.
— KNOXSS (@KN0X55) May 2, 2024