The problem has been known since at least June 2019, but it still remains uncorrected.
Cloudflare's Web Application Firewall (WAF), used by more than 25 million sites, contains a vulnerability that allows you to bypass the rules and carry out an XSS attack. It is noteworthy that the problem has...