JS-ON - Security-OFF - Abusing JSON-Based SQL Queries

Explore the security implications of native JSON features in major SQL-based database engines in this 23-minute Black Hat conference talk. Delve into how Postgres, SQLite, MS SQL, and MySQL have incorporated JSON capabilities, enabling complex data interactions with JSON-type objects. Discover the potential risks these default-enabled features introduce and learn about their hackability. Gain insights from security researcher Noam Moshe as he presents findings on exploiting JSON-based SQL queries, highlighting the importance of awareness among developers and researchers. Access the full abstract and presentation materials for a comprehensive understanding of this critical security topic.

{JS-ON: Security-OFF}: Abusing JSON-Based SQL Queries