The server does not check the owner of a comment. During comment deletion it does not check whether the comment was created by the requesting user, so I can delete other users' comments.
1. Go to https://localhost:8080/blog/comments.
2. Select any comment which is already approved.
3. Unapprove it by clicking "Hide Comment".
Implement a proper access control mechanism so that when a user tries to delete a comment, the server first checks whether the comment belongs to that user.
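One way to implement this check, as an added example that is not the application's own code: the delete and "Hide Comment" actions both go through a single ownership check keyed on the session user. The in-memory store, the function names and the `is_moderator` flag are assumptions made for illustration.

```python
from dataclasses import dataclass

class Forbidden(Exception):
    """Raised when the caller is not allowed to act on the comment."""

@dataclass
class Comment:
    id: int
    author_id: int
    body: str
    approved: bool = True

# Constructed sample data: comment 1 belongs to user 10, comment 2 to user 20.
COMMENTS = {
    1: Comment(1, author_id=10, body="first"),
    2: Comment(2, author_id=20, body="second"),
}

def _load_authorized(store, comment_id, user_id, is_moderator=False):
    """Fetch a comment only if the caller owns it or is a moderator.

    user_id and is_moderator must come from the server-side session,
    never from a request parameter (hypothetical role model).
    """
    comment = store.get(comment_id)
    # Same error for "missing" and "not yours" so comment ids cannot be probed.
    if comment is None or not (is_moderator or comment.author_id == user_id):
        raise Forbidden(f"comment {comment_id} not available to user {user_id}")
    return comment

def delete_comment(store, comment_id, user_id, is_moderator=False):
    """Delete a comment only after the ownership check passes."""
    _load_authorized(store, comment_id, user_id, is_moderator)
    del store[comment_id]

def hide_comment(store, comment_id, user_id, is_moderator=False):
    """Unapprove ("Hide Comment") uses the same check as delete."""
    comment = _load_authorized(store, comment_id, user_id, is_moderator)
    comment.approved = False
    return comment
```

Routing every state-changing comment action through one check keeps a second endpoint such as hide/unapprove from being left unprotected when delete is fixed.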