The tweet mentions studying about bypassing WAF with XSS. The payload used for the bypass is <script>alert(1)</script>. The vendor of the WAF is unknown. It would be beneficial to make a blog post about this bypass, highlighting the XSS vulnerability, the specific payload, and the research done on bypassing WAF with XSS.
For more details, check out the original tweet here: https://twitter.com/OludareEzekiel9/status/1843324601721610242
Subscribe for the latest news: