/techtags/language.java.spring/ Recent content in Language.Java.Spring on ZAP Hugo en-us /docs/alerts/40042/ Mon, 01 Jan 0001 00:00:00 +0000 /docs/alerts/40042/ <p>Spring Actuator for Health is enabled and may reveal sensitive information about this application. Spring Actuators can be used for real monitoring purposes, but should be used with caution as to not expose too much information about the application or the infrastructure running it.</p> /docs/alerts/40045/ Mon, 01 Jan 0001 00:00:00 +0000 /docs/alerts/40045/ <p>The application appears to be vulnerable to CVE-2022-22965 (otherwise known as Spring4Shell) - remote code execution (RCE) via data binding.</p>