Security Boulevard

Attacking APIs using JSON Injection

I wanna tell you a story from not too long ago, where exploiting a JSON injection vulnerability in Samsung devices could trigger an attack chain that ended up with code execution on the device. It ...
CSOonline

JSON-based SQL injection attacks trigger need to update web application firewalls

Security researchers have developed a generic technique for SQL injection that bypasses multiple web application firewalls (WAFs). At the core of the issue was WAF vendors failing to add support for ...
GitHub

Critical Severity Risk - JSON Injection

On line 159 of LottieAnimationHelpers.swift, the method from:data:strategy:() writes unvalidated input into JSON. This call could allow an attacker to inject arbitrary elements or attributes into the ...