CWE-66
Improper Handling of File Names that Identify Virtual Resources
The product does not handle or incorrectly handles a file name that identifies a virtual resource that is not directly specified within the directory that is associated with the file name, causing the product to perform file-based operations on a resource that is not a file.
Official CWE-66 definition at MITREImpactr finds and proves weaknesses like CWE-66 in your web apps and APIs - investigating, chaining, and validating each with a reproducible exploit.
Join the waitlist