| Property | Value |
|---|---|
| Language | javascript |
| Severity | high |
| CWE | CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') |
| OWASP | A05:2017 - Broken Access Control |
| Confidence Level | Medium |
| Impact Level | Medium |
| Likelihood Level | High |

Description

User input from HTTP requests (route parameters, query strings, request bodies) is passed directly to path.join or path.resolve when building file paths in Express applications. Because both functions normalize '..' segments, an attacker can steer the resulting path outside the intended directory and read or overwrite files there.

Impact

If exploited, an attacker could read, modify, or overwrite sensitive files on the server by crafting input containing traversal sequences such as '../'. This can lead to data breaches, application compromise, or service disruption.