Exploiting exposed Spring Boot Heapdump endpoint
While testing for bugs on a Vulnerability Disclosure Program, I recently came across a subdomain of the program having an application running on Spring Boot. The application had exposed Spring Boot Actuator endpoints in production, which could lead t...
a6z.co | 4 min read