Error Message :
With the use of cURL in Web Service REST, Command Injection is possible. Example:
- Check "Execute cURL command"
- In the command box enter:
-v -k -L localhost 'exec whoami' Expected Result:
The command will be executed on the machine running the agent, with the agent user.