Scanner detects non-exploitable XSS as "Confidence: Certain"
Burp Scanner identified a Reflected XSS with the following payload:
The problem is that all modern browsers send the `"` URL-encoded as %22, and %22 is blocked by their WAF.
This means that this XSS is not exploitable, doesn't it? Yes, I already tried double encoding and other bypass tricks. The problem, in my opinion, is that Burp sends the quote non-URL-encoded (which is not possible when you want to exploit this via a browser) and then assumes that an XSS vulnerability exists.
Am I missing something?
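A small triage helper, added here as an example (it is not part of the original post and not Burp's code): it models the WHATWG query percent-encoding a browser applies before a request leaves the address bar, plus the %22-blocking WAF rule described above, so a finding can be checked against the bytes a browser could actually send. The URL and the blocked-token list are constructed for illustration.

```python
from urllib.parse import urlsplit, urlunsplit

# Characters a spec-following browser percent-encodes in an http(s) query:
# the WHATWG "special-query percent-encode set" (C0 controls, anything above
# 0x7E, space, ", #, <, > and '). This is a model for triage, not a particular
# browser build; test against the real browser if the answer matters.
ALWAYS_ENCODED = set(' "#<>\'')


def browser_query(raw_query: str) -> str:
    """Return the query string a browser would put on the wire for raw_query."""
    out = []
    for byte in raw_query.encode("utf-8"):
        if byte < 0x20 or byte > 0x7E or chr(byte) in ALWAYS_ENCODED:
            out.append("%%%02X" % byte)
        else:
            out.append(chr(byte))
    return "".join(out)


def browser_url(raw_url: str) -> str:
    """Re-serialise raw_url with its query encoded the way a browser would."""
    parts = urlsplit(raw_url)
    return urlunsplit(parts._replace(query=browser_query(parts.query)))


def waf_blocks(wire_url: str, blocked_tokens=("%22",)) -> bool:
    """Constructed WAF rule from the post: drop any request carrying %22."""
    return any(tok in wire_url for tok in blocked_tokens)


def reproducible_from_browser(scanner_url: str) -> bool:
    """True only if the request a browser really sends would pass the WAF.

    The scanner may have sent the raw quote unencoded; a browser cannot, so
    the check is made on the browser-encoded form, not on the scanner's bytes.
    """
    return not waf_blocks(browser_url(scanner_url))


if __name__ == "__main__":
    # Constructed scanner request: raw " in the query, as Burp sent it.
    finding = 'https://example.com/search?q="><b>x</b>'
    print("scanner sent :", finding)
    print("browser sends:", browser_url(finding))
    print("reproducible from a browser:", reproducible_from_browser(finding))
```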
This may be exploitable using Internet Explorer, as that doesn’t encode URL parameters.