A researcher was able to bypass Akamai’s WAF (running Spring Boot) by using Spring Expression Language (SpEL) injection:

https://t.co/M5oxoKbqu3