diff --git a/test-track/backend/src/main/java/io/metersphere/controller/AttachmentController.java b/test-track/backend/src/main/java/io/metersphere/controller/AttachmentController.java
index 876e1a1c33..097905f70e 100644
--- a/test-track/backend/src/main/java/io/metersphere/controller/AttachmentController.java
+++ b/test-track/backend/src/main/java/io/metersphere/controller/AttachmentController.java
@@ -4,6 +4,9 @@ import io.metersphere.base.domain.FileAttachmentMetadata;
 import io.metersphere.commons.constants.OperLogConstants;
 import io.metersphere.commons.constants.OperLogModule;
 import io.metersphere.commons.constants.PermissionConstants;
+import io.metersphere.commons.exception.MSException;
+import io.metersphere.constants.AttachmentType;
+import io.metersphere.i18n.Translator;
 import io.metersphere.log.annotation.MsAuditLog;
 import io.metersphere.metadata.service.FileMetadataService;
 import io.metersphere.request.attachment.AttachmentDumpRequest;
@@ -97,6 +100,9 @@ public class AttachmentController {
 @MsAuditLog(module = OperLogModule.TRACK_TEST_CASE, type = OperLogConstants.UPDATE, content = "#msClass.getLogDetails(#request.belongId, #request.belongType, #request.metadataRefIds, true)", msClass = AttachmentService.class)
 @RequiresPermissions(PermissionConstants.PROJECT_TRACK_CASE_READ_EDIT)
 public void caseRelate(@RequestBody AttachmentRequest request) {
+ if (!AttachmentType.TEST_CASE.type().equals(request.getBelongType())) {
+ MSException.throwException(Translator.get("invalid_parameter"));
+ }
 attachmentService.relate(request);
 }
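Review bot: The same three-line `belongType` guard is pasted into `caseRelate` here and again into `issueRelate`, `caseUnrelated` and `issueUnrelated` in the following hunks, so the link between each endpoint's `@RequiresPermissions` value and the attachment type it may touch depends on every future endpoint remembering to copy it. A private helper such as `private static void requireBelongType(AttachmentType expected, AttachmentRequest request)`, holding the `equals` test and the `MSException.throwException(Translator.get("invalid_parameter"))` call, would reduce the four call sites to one line each, and it should carry a comment saying why it exists: `// belongType must match the type this endpoint's permission covers`. The guard only pins the type; whether `request.getBelongId()` refers to a record in the project the permission was evaluated for is not visible in these hunks and is presumably left to `attachmentService`, which is worth confirming.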
@@ -104,6 +110,9 @@ public class AttachmentController {
 @MsAuditLog(module = OperLogModule.TRACK_BUG, type = OperLogConstants.UPDATE, content = "#msClass.getLogDetails(#request.belongId, #request.belongType, #request.metadataRefIds, true)", msClass = AttachmentService.class)
 @RequiresPermissions(PermissionConstants.PROJECT_TRACK_ISSUE_READ_EDIT)
 public void issueRelate(@RequestBody AttachmentRequest request) {
+ if (!AttachmentType.ISSUE.type().equals(request.getBelongType())) {
+ MSException.throwException(Translator.get("invalid_parameter"));
+ }
 attachmentService.relate(request);
 }
@@ -111,6 +120,9 @@ public class AttachmentController {
 @MsAuditLog(module = OperLogModule.TRACK_TEST_CASE, type = OperLogConstants.UPDATE, beforeEvent = "#msClass.getLogDetails(#request.belongId, #request.belongType, #request.metadataRefIds)", msClass = AttachmentService.class)
 @RequiresPermissions(PermissionConstants.PROJECT_TRACK_CASE_READ_EDIT)
 public void caseUnrelated(@RequestBody AttachmentRequest request) {
+ if (!AttachmentType.TEST_CASE.type().equals(request.getBelongType())) {
+ MSException.throwException(Translator.get("invalid_parameter"));
+ }
 attachmentService.unrelated(request);
 }
@@ -118,6 +130,9 @@ public class AttachmentController {
 @MsAuditLog(module = OperLogModule.TRACK_BUG, type = OperLogConstants.UPDATE, beforeEvent = "#msClass.getLogDetails(#request.belongId, #request.belongType, #request.metadataRefIds)", msClass = AttachmentService.class)
 @RequiresPermissions(PermissionConstants.PROJECT_TRACK_ISSUE_READ_EDIT)
 public void issueUnrelated(@RequestBody AttachmentRequest request) {
+ if (!AttachmentType.ISSUE.type().equals(request.getBelongType())) {
+ MSException.throwException(Translator.get("invalid_parameter"));
+ }
 attachmentService.unrelated(request);
 }
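Review bot: On `caseUnrelated` and `issueUnrelated` the `@MsAuditLog` annotation hands `#request.belongType` and `#request.metadataRefIds` to `getLogDetails` through `beforeEvent`. If the audit aspect evaluates that expression before the method body runs (the attribute name suggests so, but the aspect is not shown here), the lookup happens with the unvalidated type before the new guard rejects the request. In that case `getLogDetails` should tolerate an unexpected `belongType` without side effects, or the type check should move to a point that runs ahead of the aspect. A rejected request probably also deserves a warning-level log line naming the endpoint and the offered type, because the generic `invalid_parameter` response on its own leaves nothing to alert on.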
diff --git a/test-track/backend/src/main/java/io/metersphere/service/AttachmentService.java b/test-track/backend/src/main/java/io/metersphere/service/AttachmentService.java
index 5b73d89901..6dca920039 100644
--- a/test-track/backend/src/main/java/io/metersphere/service/AttachmentService.java
+++ b/test-track/backend/src/main/java/io/metersphere/service/AttachmentService.java
@@ -87,6 +87,8 @@ public class AttachmentService {
 if (testCase == null) {
 MSException.throwException(Translator.get("test_case_attachment_upload_not_found") + request.getBelongId());
 }
+ } else {
+ MSException.throwException(Translator.get("invalid_parameter"));
 }
 // 上传MS平台
@@ -451,6 +453,9 @@ public class AttachmentService {
 }
 public FileAttachmentMetadata saveAttachment(MultipartFile file, String attachmentType, String belongId) {
+ if (attachmentType.contains("/") || belongId.contains("/")) {
+ MSException.throwException(Translator.get("invalid_parameter"));
+ }
 String uploadPath = FileUtils.ATTACHMENT_DIR + "/" + attachmentType + "/" + belongId;
 FileUtils.uploadFile(file, uploadPath);
 final FileAttachmentMetadata fileAttachmentMetadata = new FileAttachmentMetadata();
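Review bot: The new test in `saveAttachment` only rejects a forward slash, so a value that is exactly `..`, a backslash on a Windows host, or a null argument (which raises a NullPointerException instead of `invalid_parameter`) still reaches the string concatenation that builds `uploadPath`. Resolving both segments against `FileUtils.ATTACHMENT_DIR`, normalizing, and requiring the result to sit exactly two levels below the root closes those cases without enumerating characters; the fence shows the replacement for the added lines. The `else` branch added in the first hunk of this file is the stronger control if `attachmentType` comes from `belongType`, but that call path is not visible here and `saveAttachment` is public, so it should not rely on it. The body of `saveAttachment` continues past the end of the hunk, and how `FileUtils.uploadFile` derives the stored file name from `file` is likewise outside this diff.

```java
public FileAttachmentMetadata saveAttachment(MultipartFile file, String attachmentType, String belongId) {
    if (attachmentType == null || belongId == null) {
        MSException.throwException(Translator.get("invalid_parameter"));
    }
    // Resolve against the attachment root and require the result to stay exactly two
    // levels below it; this rejects separators, "." / ".." segments, empty and absolute values.
    java.nio.file.Path root = java.nio.file.Paths.get(FileUtils.ATTACHMENT_DIR).toAbsolutePath().normalize();
    java.nio.file.Path target = root.resolve(attachmentType).resolve(belongId).normalize();
    if (!target.startsWith(root) || target.getNameCount() != root.getNameCount() + 2) {
        MSException.throwException(Translator.get("invalid_parameter"));
    }
    String uploadPath = FileUtils.ATTACHMENT_DIR + "/" + attachmentType + "/" + belongId;
    // … unchanged: FileUtils.uploadFile call and metadata construction …
```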