Re: [mod-security-users] Protection for new WAF bypass for SQL injection json based payload

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

Hi All,

for simplified version of the method refer
https://www.imperva.com/blog/abusing-json-based-sql/

Thanks,
Homesh

On Tue, Dec 13, 2022 at 9:30 PM homesh joshi <ho...@gm...> wrote:

> Hi All,
>
> Has any one tested the new method mentioned here https://claroty.com/team82/research/js-on-security-off-abusing-json-based-sql-to-bypass-waf
>
>
> any successfully block the same with modsec ?
>
> Thanks,
> Homesh
>
>