Following our publication on Resource-Based Constrained Delegation (RBCD) attacks in cross-domain and cross-forest environments, we sought to further extend the capabilities of this technique. To this end, we investigated delegation scenarios within environments comprising multiple domains (three or more). This revealed that an attacker could impersonate any user within the forest by exploiting the default transitivity of the parent-child trust relationship. This identity can subsequently be utilised to access resources across any domain within this forest, or inside a remote forest linked by an established trust, provided that the underlying Kerberos delegation rights allow it.