Use of Incorrectly-Resolved Name or Reference
| Property | |
|---|---|
| Language |  |
| Severity |  |
| CWE | CWE-706: Use of Incorrectly-Resolved Name or Reference |
| OWASP | A01:2021 - Broken Access Control |
| Confidence Level | Medium |
| Impact Level | Medium |
| Likelihood Level | Medium |
Description#
The code allows user input to directly control which template or HTML page is rendered with res.render(). This can let attackers specify arbitrary files to load, including those they shouldn’t have access to.
Impact#
If exploited, attackers could use directory traversal to render unauthorized templates or sensitive files, potentially exposing confidential information or application internals. This can lead to information disclosure, bypassing of access controls, or further attacks against your system.