Go to the Vulnerabilities tab from the application's Overview page to see a list of all vulnerabilities found in that application. Contrast shows you all the vulnerabilities it's discovered including SQL Injection, Cross-Site Scripting (XSS), Command Injection, Path Traversal, XML External Entity Processing (XXE), Cross-Site Request Forgery (CSRF), Java Deserialization and many more. View and manage basic information in the vulnerabilities grid; or, click on a vulnerability for more details, including the type of vulnerability, guidance on how to fix it, line of code and the ability to replay the attack.
Note: For Contrast to find weaknesses and present findings, you must exercise your application. You can then track, share and receive remediation guidance for each vulnerability that Contrast reports.
For more information on analyzing, managing and exporting reports on vulnerabilities, read the following articles: