[SECURITY] Setexec Transported to remote server [VULN]
v3nd3tta1337 opened this issue · 3 comments
Hello,
@kaiarne discovered a security vulnerability in AncientGates, in the "setexec" command.
Only the permissions of the "from" server are getting checked, not the "to" server.
This gives access to all kinds of things, such as "/stop" or "/say -setexec- has been hacked"
as well as /op, regardless of ANY kind of permissions on the remote server.
This is a definite design flaw and we will not be able to use the plugin until fixed.
Best regards.
You still need permission on the "from" server, so not a big issue, or am I missing something?
There are existing BungeeCord networks with different server owners, so maybe a trust issue,
also - if one server gets hacked, this is the door to all others (especially /op).
I think this is a little bit serious and could need a quick fix.
We were pretty happy with the plugin for our new PVP-Extension-Servers
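
The missing check described in this thread, as an added example that is not part of the issue or of the AncientGates code: the receiving ("to") server validates a forwarded command against its own allowlist and its own permission data instead of trusting the "from" server. The class, the message shape, the permission node names and the sample data are all assumptions made for illustration.

```java
import java.util.List;
import java.util.Locale;
import java.util.Map;
import java.util.Set;

// Added illustration with hypothetical names; not AncientGates or Bukkit API code.
public class DestinationSideCheck {
    // Constructed shape of a message the "from" server forwards for a setexec gate.
    static final class ForwardedExec {
        final String player, command;
        ForwardedExec(String player, String command) { this.player = player; this.command = command; }
    }

    // Permissions as the *destination* server knows them (constructed sample data).
    static final Map<String, Set<String>> LOCAL_PERMS = Map.of(
        "alice", Set.of("cmd.say", "cmd.warp"),
        "bob", Set.of("cmd.warp"));

    // Commands the destination is willing to run for a remote gate at all.
    // Anything not listed (op, stop, namespaced aliases) is rejected outright.
    static final Set<String> GATE_ALLOWLIST = Set.of("say", "warp");

    static boolean authorize(ForwardedExec msg) {
        String cmd = msg.command.trim();
        if (cmd.startsWith("/")) cmd = cmd.substring(1);
        String label = cmd.split("\\s+", 2)[0].toLowerCase(Locale.ROOT);
        if (label.isEmpty() || !GATE_ALLOWLIST.contains(label)) return false;
        // Look the player up locally; the sender's claim of "already checked" is ignored.
        Set<String> perms = LOCAL_PERMS.getOrDefault(msg.player, Set.of());
        return perms.contains("cmd." + label);
    }

    public static void main(String[] args) {
        List<ForwardedExec> inbound = List.of(
            new ForwardedExec("alice", "/say hello"),   // allowlisted, permitted locally
            new ForwardedExec("bob", "/say hello"),     // allowlisted, no local permission
            new ForwardedExec("alice", "/op alice"),    // not allowlisted
            new ForwardedExec("alice", "/stop"));       // not allowlisted
        for (ForwardedExec m : inbound)
            System.out.printf("%-6s %-12s -> %s%n", m.player, m.command,
                authorize(m) ? "run" : "reject");
    }
}
```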