I use a WAF that monitors suspicious query string and form POST values. Over the last several months I've noticed a dramatic uptick in query strings that have this sequence of 4 characters appended to the usual (i.e. 'normal') values:
'[0]
Why is this so common? I know why stuff like SQL injection attempts and JS snippets appear all the time, but is this string a known attack vector?