A penetration tester is testing a web application that is hosted by a public cloud provider. The tester is able to query the provider’s metadata and get the credentials used by the instance to authenticate itself. Which of the following vulnerabilities has the tester exploited?
A. Cross-site request forgery
B. Server-side request forgery
C. Remote file inclusion
D. Local file inclusion
