Find six vulnerabilities in CandyPal
Vulnerabilities must fall under the risks discussed during lecture

Cross-Site Scripting
Cross-Site Request Forgery
Insecure Deserialization
Using Components with Known Vulnerabilities
Unvalidated Redirects and Forwards
Insufficient Logging & Monitoring

Provide the following per vulnerability:

Name
Image
Description

In order to access CandyPal (http://10.15.1.10:9090) you must use the VPN.
and you need using burp suite check the website and vpn log in the candypal.