Vulnerability Name: Swagger API Disclosure

1. Vulnerable Point:
   a. https://amritdemo.piramalswasthya.org/flw-0.0.1/swagger-ui.html
   b. https://amritdemo.piramalswasthya.org/tmapi-v1.0/swagger-ui.html
2. Observation / Description: It was observed that the Swagger API was publicly disclosed.
3. Impact: An attacker can gain access to Swagger API if it is publicly accessible, which can lead to security breach.
4. Recommendation: Never disclose Swagger API publicly.
5. Recommendation Solution:
   a. It's an open source code, so Swagger can be disclose publicly;
   b. or Turn off (remove/ disable) Swagger API publicly in Production Environment/ UAT/ App Build