About API-GW vulnerability