Spring Boot Misconfiguration: MongoDB credentials stored in the properties file
Description
This Spring Boot web application is storing MongoDB credentials in plain text in the properties files via spring.data.mongodb.password=. It's not recommended to store plain text passwords in configuration files.
Remediation
It's recommended to encrypt the credentials using a library like Jasypt. By using Jasypt, you can provide encryption for the property sources and the application can decrypt the encrypted properties and retrieve the original values.