in the js file you will find a vulnerable endpointPP