Exposed Metrics - DuckyMomo20012/owasp-juice-shop GitHub Wiki

Exposed Metrics

Difficulty: :star2:

Description: Find the endpoint that serves usage data to be scraped by a popular monitoring system.

Category: Sensitive Data Exposure

Tags: Good Practice

Solution:

Access this route: http://localhost:3000/metrics. Because Prometheus uses the /metrics route to inspect metrics, I tried accessing this route to view the sensitive metrics.
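The route is readable because it answers any unauthenticated request. As an added example (not part of this wiki or of Juice Shop's code), here is one way a real application could restrict its metrics route to the scraper. `protectMetrics`, `metricsStatus` and the shared `scrapeToken` are hypothetical names, and the Express-style `(req, res, next)` signature is an assumption.

```javascript
// Added example: middleware that stops /metrics from being world-readable.
// Only Node's built-in crypto module is used; all names here are hypothetical.
const crypto = require("crypto");

// Compare two secrets in constant time. Hashing first gives both buffers
// the same length, which timingSafeEqual requires.
function sameSecret(a, b) {
  const ha = crypto.createHash("sha256").update(String(a)).digest();
  const hb = crypto.createHash("sha256").update(String(b)).digest();
  return crypto.timingSafeEqual(ha, hb);
}

// Decide which HTTP status a request for the metrics route should receive.
// scrapeToken is an assumed shared secret that the scraper is configured to send.
function metricsStatus(req, scrapeToken) {
  // Fail closed: with no token configured, the route is not served at all.
  if (!scrapeToken) return 404;
  const header = (req.headers && req.headers.authorization) || "";
  const match = /^Bearer (.+)$/.exec(header);
  if (!match) return 401;
  return sameSecret(match[1], scrapeToken) ? 200 : 401;
}

// Middleware factory: mount it in front of the real metrics handler, e.g.
//   app.get("/metrics", protectMetrics(process.env.SCRAPE_TOKEN), serveMetrics)
// (SCRAPE_TOKEN and serveMetrics are placeholders for this sketch).
function protectMetrics(scrapeToken) {
  return function (req, res, next) {
    const status = metricsStatus(req, scrapeToken);
    if (status === 200) return next();
    if (status === 401) {
      res.setHeader("WWW-Authenticate", 'Bearer realm="metrics"');
    }
    res.statusCode = status;
    res.end();
  };
}
```

The Prometheus scrape job then has to present the same token as a bearer credential; binding the metrics listener to an internal interface is a complementary control.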
