[MEDIUM] Flight has path traversal in `make:controller` CLI that creates arbitrary directories outside project root

PKSA-1wr3-jdqm-7ppr CVE-2026-42549 GHSA-3xjv-pmf2-gf2q

Affected package: flightphp/core

Affected version: <3.18.1

Reported by:
GitHub