The hints include "bypass the web form in the most basic way. Depends on how the website is set up, you could do SQL injection, xss attack, .