Abusing JSON-Based SQL to Bypass WAF
|Summary:||Is the WAF feature on the LoadMaster vulnerable to this threat|
Vulnerability Question. Articles are coming out that further analysis revealed that the WAF could be bypassed by abusing the JSON data sharing format. JSON syntax is supported by all major SQL engines and it’s enabled by default.
|Steps to Reproduce:|
|Resolution:||The LoadMaster is not vulnerable, WAF will block these requests.|
Link relating to the vulnerability: