[Security Issue] Potential Path Traversal Vulnerability in the Project #46
Description
Hello,
I found a potential security vulnerability while using this project. The vulnerability could lead to arbitrary file upload or deletion.
Here’s a brief summary:
Affected Version: v3.1.3 and master branch
Affected API: /api/v1/user-profile
Code Path: /Spring-Boot-Advanced-Projects-main/Project-4.SpringBoot-AWS-S3/backend/src/main/java/com/urunov/profile/UserProfileController.java:33
To minimize risk, I’m happy to share the detailed proof of concept and reproduction steps privately via DM.
Thank you for your work on this open-source project!