Just like what I described in #3
we can see both the URL and headers parameters are susceptible to RCE. For instance, a custom header could include any system commands like whoami with back ticks, leading to potential exploitation on the pentester's server.

Just like what I described in #3

we can see both the URL and headers parameters are susceptible to RCE. For instance, a custom header could include any system commands like
whoamiwith back ticks, leading to potential exploitation on the pentester's server.