This page demonstrates how a browser can access internal network resources via HTTP GET requests. The scan below works only if Chrome's Local Network Access restriction is disabled.
Important: The endpoint being accessed does not require authentication. Although a ticket to add authentication was created, it was deprioritized and left in the backlog. As a result, this endpoint is accessible to anyone on the network, exposing sensitive data.
This is a security risk and should be addressed by enabling authentication and ensuring proper network access controls.