🔥 3-day streak
CompTIA PenTest+ (PT0-003)123 / 175
Question 123 of 175
During a web application assessment, you discover that a PDF-generation feature accepts a user-supplied URL and fetches it server-side to render into a document. The application is hosted on an AWS EC2 instance. You submit a URL pointing to an internal address and confirm the server returns the content. Which follow-up request most directly demonstrates the highest-impact exploitation of this flaw?
Reviewed for accuracy · Report an issueNext question