“{JS-ON: Security-OFF}: Abusing JSON-Based SQL to Bypass WAF” https://t.co/UbnmRLAall