SecurityConfig evidence

File:
- /C:/Users/moabd/OneDrive/Documents/New project/appsmith-src/app/server/appsmith-server/src/main/java/com/appsmith/server/configurations/SecurityConfig.java

Relevant lines from local review:
- line 209: POST forgotPassword is permitAll
- line 228: POST resendEmailVerification is permitAll

Interpretation:
- both flows are reachable without prior authentication
