Expired SSL Certificate allows credentials steal

Hi security Team! I've found this website with no valid SSL Certificate. https://██████████ Certificate has expired 314 days ago. ## Impact Error message can appear on page and **user can have his credentials stolen by an attacker capturing the network data.** ## System Host(s) ███████ ## Affected Product(s) and Version(s) ## CVE Numbers ## Steps to Reproduce Visit: https://██████████ and check the SSL Certificate. It was expired in november 2020. ## Suggested Mitigation/Remediation Actions