Explain why the user cannot modify the URIPATH

Author: sinn3r

modules/exploits/windows/browser/ntr_activex_check_bof.rb

@@ -32,7 +32,8 @@ def initialize(info = {})
 			'Description'    => %q{
 					This module exploits a vulnerability found in NTR ActiveX 1.1.8. The
 				vulnerability exists in the Check() method, due to the insecure usage of strcat to
-				build a URL using the bstrParams parameter contents, which leads to code execution
+				build a URL using the bstrParams parameter contents (note: this is also the reason
+				why the module won't allow you to modify the URIPATH), which leads to code execution
 				under the context of the user visiting a malicious web page. In order to bypass
 				DEP and ASLR on Windows Vista and Windows 7 JRE 6 is needed.
 			},