I was just reading about a new XSS filter bypass that effects Classic ASP
Can ModSecurity be used to protect against such an attack? AFAICT, the only
UTF8 check available is @validateUtf8Encoding which this payload style
passes, as it uses valid UTF8 characters.