Jolokia Local File Inclusion Misconfiguration
Jolokia is a JMX-HTTP bridge giving an alternative to JSR-160 connectors. It is an agent based approach with support for many platforms.
When the Jolokia Library is in the target application classpath, it is automatically exposed by Spring Boot under the '/jolokia' actuator endpoint. The DiagnosticCommand MBean and compilerDirectivesAdd function can be used to disclose the contents of arbitrary files on the misconfigured host.