CWE-1386
Insecure Operation on Windows Junction / Mount Point
The product opens a file or directory, but it does not properly prevent the name from being associated with a junction or mount point to a destination that is outside of the intended control sphere.
Official CWE-1386 definition at MITREImpactr finds and proves weaknesses like CWE-1386 in your web apps and APIs - investigating, chaining, and validating each with a reproducible exploit.
Join the waitlist