Spring Actuator Security, Part 2: Finding Actuators using Static Code Analysis with semgrep

In the first part of this series, we have discussed the risks inherent in exposing the Actuator functionality of the Spring framework. If you haven't read that part yet, I recommend that you do so before reading this article. In this article, we wi...