Vulnerabilities

You can view the different types of Vulnerabilities Metlo detects from your API traffic on the Vulnerabilities page.

The Juice Shop App contains vulnerabilities like Endpoint not secured by SSL and Unauthenticated Endpoint returning Sensitive Data. Juice Shop has some endpoints such as /rest/admin/application-configuration which return sensitive data like Email and IP Address. Metlo gives context into which endpoints are affected by these vulnerabilities and how many there are.