CWE-427
Uncontrolled Search Path Element
The product uses a fixed or controlled search path to find resources, but one or more locations in that path can be under the control of unintended actors.
Official CWE-427 definition at MITREImpactr finds and proves weaknesses like CWE-427 in your web apps and APIs - investigating, chaining, and validating each with a reproducible exploit.
Join the waitlist