As a thought experiment, it is anticipated that manipulating direct and indirect containers would allow an attacker to create arbitrary triples on any resource that they should not have write access to.
For example, if a user can create an indirect container (/a):
/a a ldp:IndirectContainer ;
    ldp:insertedContentRelation rdf:object ;
    ldp:membershipResource /resource/to/attack ;
    ldp:hasMemberRelation xxx:predicateToCreate .
then posting a new resource to it:
<> a rdf:Statement ;
    rdf:object /resource/to/link .
would create the triple:
/resource/to/attack xxx:predicateToCreate /resource/to/link
The creation of the resource in the indirect container should fail with a permissions/auth-related error.
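One way to enforce that expected behaviour, as an added example that is not part of the original report or any project's code: the server derives the membership triple a POST would produce and requires write access to the membership resource as well as to the container. The ACL table, user names, class and function names are hypothetical, and access is modelled as a simple exact-path write list.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class IndirectContainer:
    path: str                       # the container itself, e.g. /a
    membership_resource: str        # ldp:membershipResource
    has_member_relation: str        # ldp:hasMemberRelation
    inserted_content_relation: str  # ldp:insertedContentRelation


def derived_membership_triples(container, posted):
    """Triples the server would add to the membership resource for a POST.

    `posted` is the body of the new resource as (predicate, object) pairs.
    """
    return [
        (container.membership_resource, container.has_member_relation, obj)
        for pred, obj in posted
        if pred == container.inserted_content_relation
    ]


def authorize_post(user, container, posted, write_acl):
    """Return the membership triples if `user` may cause them, else raise.

    Write access to the container alone is not enough: the derived triples
    land on container.membership_resource, so that resource is checked too.
    """
    writable = write_acl.get(user, set())
    if container.path not in writable:
        raise PermissionError(f"{user} cannot write to {container.path}")
    triples = derived_membership_triples(container, posted)
    if triples and container.membership_resource not in writable:
        raise PermissionError(
            f"{user} cannot write to {container.membership_resource}")
    return triples


# Constructed sample data mirroring the containers in the report.
ACL = {"mallory": {"/a"}, "alice": {"/a", "/resource/to/attack"}}
ATTACK = IndirectContainer("/a", "/resource/to/attack",
                           "xxx:predicateToCreate", "rdf:object")
BODY = [("rdf:type", "rdf:Statement"), ("rdf:object", "/resource/to/link")]

if __name__ == "__main__":
    print(authorize_post("alice", ATTACK, BODY, ACL))
```
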