Exploiting exposed Spring Boot Heapdump endpoint
While testing for bugs on a Vulnerability Disclosure Program, I recently came across a subdomain of the program having an application running on Spring Boot. The application had exposed Spring Boot Actuator endpoints in production, which could lead t...
Oct 2, 20224 min read6.5K
