hansonwang99 Spring-Boot-In-Action Path Traversal Vulnerability in File Upload Component

A critical path traversal vulnerability has been identified in the 'hansonwang99 Spring-Boot-In-Action' project, specifically in the master branch prior to the commit '807fd37643aa774b94fd004cc3adbd29ca17e9aa'. The issue arises in the 'ImageUploadService.java' file within the 'springbt_watermark' subproject. The vulnerability is present in the 'watermarkTest' function, where improper validation of the 'filename' argument allows for path traversal. This exploitation can be performed remotely, potentially leading to unauthorized file uploads to arbitrary locations on the server.

Impact

Exploitation of this vulnerability allows for path traversal, where an attacker can manipulate file upload parameters to bypass directory restrictions and upload files to unintended locations on the server.

Reproduction

To reproduce this vulnerability, send a request to the '/watermarktest' endpoint with a crafted 'filename' parameter that includes path traversal sequences. The lack of proper path validation will allow the file to be uploaded to an arbitrary location on the system.