A bypass was discovered in Cloudflare WAF that allows for Origin IP Leakage. This vulnerability can potentially expose the IP address of the origin server behind the WAF. More details should be investigated and addressed by Cloudflare to mitigate this issue.
Original tweet: https://twitter.com/hackervirus999/status/1912203682680029679