Last update: February 19, 2023 J2EE Misconfiguration: Plaintext Password in Configuration File The J2EE application stores a plaintext password in a configuration file.