CWE-52
Path Equivalence: '/multiple/trailing/slash//'
The product accepts path input in the form of multiple trailing slash ('/multiple/trailing/slash//') without appropriate validation, which can lead to ambiguous path resolution and allow an attacker to traverse the file system to unintended locations or access arbitrary files.
Official CWE-52 definition at MITREImpactr finds and proves weaknesses like CWE-52 in your web apps and APIs - investigating, chaining, and validating each with a reproducible exploit.
Join the waitlist