This Spring Boot web application is storing MongoDB credentials in plain text in the properties files via It's not recommended to store plain text passwords in configuration files.


It's recommended to encrypt the credentials using a library like Jasypt. By using Jasypt, you can provide encryption for the property sources and the application can decrypt the encrypted properties and retrieve the original values.


Related Vulnerabilities