A path traversal vulnerability in the UI/static component of leonvanzyl autocoder commit 79d02a allows attackers to read arbitrary files via sending crafted URL…

A path traversal vulnerability has been identified in the UI/static component of leonvanzyl's autocoder application at commit 79d02a. The vulnerability allows remote attackers to read arbitrary files on the server by crafting malicious URL paths containing directory traversal sequences. This security flaw enables unauthorized file access, potentially exposing sensitive system files and application data. The vulnerability affects the static file serving functionality of the web interface. Attackers can exploit this by manipulating URL parameters to navigate outside the intended directory structure.