>i quickly realised that this was the server-side serverless (lol) environment of their main documentation app, while this calls to a external api to do everything, we have the token it calls it with in the env.

>alongside, we can poison the nextjs cache for everyone for any site, allowing mass xss, defacing, etc on any docs site.