diff --git a/src/main/java/de/tum/in/www1/artemis/service/BuildLogEntryService.java b/src/main/java/de/tum/in/www1/artemis/service/BuildLogEntryService.java
index 006a2d4afae8..001a3141599a 100644
--- a/src/main/java/de/tum/in/www1/artemis/service/BuildLogEntryService.java
+++ b/src/main/java/de/tum/in/www1/artemis/service/BuildLogEntryService.java
@@ -347,6 +347,11 @@ public void saveBuildLogsToFile(List<BuildLogEntry> buildLogEntries, String buil
      * @return A {@link FileSystemResource} representing the log file if it exists, or {@code null} if the log file cannot be found.
      */
     public FileSystemResource retrieveBuildLogsFromFileForBuildJob(String buildJobId) {
+        if (buildJobId.contains("/") || buildJobId.contains("\\") || buildJobId.contains("..")) {
+            log.warn("Invalid build job ID: {}", buildJobId);
+            throw new IllegalArgumentException("Invalid build job ID");
+        }
+
         ProgrammingExercise programmingExercise = retrieveProgrammingExerciseByBuildJobId(buildJobId);
         String courseShortName = programmingExercise.getCourseViaExerciseGroupOrCourseMember().getShortName();
         String exerciseShortName = programmingExercise.getShortName();