@buherator It's so complete that it comes with the usual trivial to find vulnerabilities you would expect from enterprise software!
@joxean @buherator They’re getting better, password reset tokens used to be stored in clear in the database so SQLi would let you takeover admin accounts. But still a long way to go :)