The Scope of ##MS_DatabaseManager##’s Exposure

Andreas Wolter expands upon a prior post:

In my previous post (SQL Server Privilege Escalation via DatabaseManager-role: Newly discovered Attack Paths Explained), I showed how a privilege escalation can be achieved by modifying a stored procedure in msdb, based on research shared by Emad Al-Mousa.

When I looked into this more closely, it became clear pretty quickly:
It is not just about a few specific procedures.

Mind you, Andreas is not some kind of shrinking violet, and he was involved in the creation of this role in the first place. There are approximately zero people outside of Microsoft (and the number inside I could probably count on one hand) I would trust more to understand the nature and scope of this issue. This is definitely worth reading.
