|
|
|
|
|
|
by Schwolop
1171 days ago
|
|
|
There's a web plugin too. It can issue GET requests. That's enough to probe a lot of interesting things, and I'll bet there's an endpoint somewhere on the web that will eval any other web request, so now you've opened up every web accessible API - again, all theoretical, but at least not too far removed from an exploit. |
|
|