Application Trasnport Security-Load Enable

Summary : During analysis, it was observed that the application transport Security-Load was set to true.

OWASP Category: M3: Insecure communication

Severity :   Low  

Complexity : Easy 

From : Remote / External

Steps to Reproduce:

Proof of Concept : Attached in the Video

Impact : Enabling ATS can allow insecure communication with servers or allow insecure loads for web views or for media, while maintaining ATS protections elsewhere in your app.

Affected Path: Entire Application

Recommendations : It is recommended that the application transport Security-Load should be set to false.
 
References : 
https://owasp.org/www-project-mobile-top-10/2016-risks/m3-insecure-communication

Proof of Concept :