Thanks for the writeup man but I can’t seem to make sense of the testing process that lead to the final payload, conventional XSS bypass filter payload make use of < > and try to encode and the filter bypass tricks but not this, can you kindly break down the testing and thinking process that leads to the final payload?. Thanks