When a vulnerability occurs in a system, they tend to ask the question "but what can you do with it?". That's the wrong question, from a security perspective it's better to ask "what can you not do with it?". As long as you cannot prove that you cannot do something bad, there is a risk that you can.
When a vulnerability occurs in a system, they tend to ask the question "but what can you do with it?". That's the wrong question, from a security perspective it's better to ask "what can you not do with it?". As long as you cannot prove that you cannot do something bad, there is a risk that you can.