Don't you miss the golden era of SQL Injections? Here Mathieu Farrell (@Coiffeur) explains how to feel the thrill again with the aid of Apache Superset, XML and a bit of parsing tickery: "Bypass Apache Superset restrictions to perform SQL Injections"

Bypass Apache Superset restrictions to perform SQL injections - Quarkslab's blog

The following article explains how during an audit we took a look at Apache Superset and found bypasses (by reading the PostgreSQL documentation) f...