Spring-Boot-Advanced-Projects

[Security Issue] Potential Path Traversal Vulnerability in the Project

Open ShenxiuSec opened this issue 10 months ago • 0 comments

Hello,

I found a potential security vulnerability while using this project. The vulnerability could lead to arbitrary file upload or deletion.

Here’s a brief summary:

Affected Version: v3.1.3 and master branch

Affected API: /api/v1/user-profile

Code Path: /Spring-Boot-Advanced-Projects-main/Project-4.SpringBoot-AWS-S3/backend/src/main/java/com/urunov/profile/UserProfileController.java:33

To minimize risk, I’m happy to share the detailed proof of concept and reproduction steps privately via DM.

Thank you for your work on this open-source project!

ShenxiuSec, Apr 18 '25 04:04