Sundram

There is a serious issue in the frontend implementation. The API is being called directly from the client, which exposes the API credentials and makes them vulnerable to misuse. API requests should never be made directly from the frontend. If absolutely required, they must be properly secured (for example, via a backend proxy and encryption). During testing, I was able to access the API in a...