Exam Hints/Tips

if the stage 1 exploit was non interactive then this can be used to obtain administrator interaction by her clicking on the link to change their password. Note to check the source code
of the change email page for any additional form id values.
Last updated