An XSS payload was discovered to bypass some WAF and filters in Firefox. The payload used is <input accesskey=X onclick="self['wind'+'ow']['one'+'rror']=alert;throw 1337;">. This bypass technique exploits the accesskey attribute and JavaScript onclick event to execute a malicious alert. It is important for WAF vendors to address this vulnerability to enhance security against XSS attacks. #infosec #cybersec #bugbountytips
Original tweet: https://twitter.com/0x0SojalSec/status/1850606480120295738
Subscribe for the latest news: