This technique is opted to conduct mass SQL injection attacks because infecting database tables result in easy spreading of malicious content across different domains because of content sharing.
It is quite a different from persistent nature of XSS because in SQLXSSI, the attacker wants to update the database table with encoded output and it remains there for long period of time. When an application, runs a specific query in the database, the payload is decoded and renders in the browser. In persistent XSS injections, payloads are passed as direct data which may or may not be stored in the database but it becomes persistent in web pages. Further, no SQL injection vulnerability is exploited.
In SQLXSSI, SQL injections (Direct+Blind) are used explicitly by the attacker to inject payloads in the database in the raw format. It is retrieved back from the database based on the application design and in which tables attacker has injected the payloads.
Predominantly, one vulnerability is used to trigger another which ultimately results in spreading malware. This content can be retrieved by any resources which are using the database of infected website. For example: the below presented figure shows the presence of malicious scripts inside the PDF
This PDF document is actually generated from print.asp page which fetches some content from the database, in this case it is infectious. However, our discussion in this example adheres to the way data is shared among different resources and how infectious can SQLXSSI attacks be.