HTTP makes your printer an attack vector
"Cross-site printing (XSP) attacks empower a web attacker to access the printer device as demonstrated by [1] who use a hidden Iframe to send HTTP POST requests" ref
So it's a bug in the HTTP protocol rather than any defect in PostScript.