[Security Issue] Potential Path Traversal Vulnerability in the Project

Open: ShenxiuSec opened this issue 10 months ago • 1 comment

I found a potential security vulnerability while using this project. The vulnerability could lead to arbitrary file deletion.

Here’s a brief summary:

Affected Version: master branch

Affected API: /service/uploadDetailImage

Code Location: java_server-master/src/main/java/com/changyu/foryou/controller/FoodController.java:1244

To minimize risk, I’m happy to share the detailed proof of concept and reproduction steps privately via DM.

Thank you for your work on this open-source project!

ShenxiuSec, Apr 18 '25 21:04