2024 CWE Top 25 Most Dangerous Software Weaknesses: Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) CWE-22
Path traversal, also known as directory traversal, is a vulnerability that allows an attacker to access files and directories stored outside the intended directory. By exploiting improper validation of user-supplied input, attackers can manipulate file paths to access sensitive system files, configuration files, or any other data stored on the server.
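The improper validation described above, shown next to a containment check, as an added example that is not part of the original page. The function names `naive_resolve` and `safe_resolve`, the `uploads` directory and `secret.conf` are assumptions made for illustration, and all inputs are constructed.

```python
import os
import tempfile

def naive_resolve(base_dir, user_path):
    # Vulnerable pattern: user input is joined to the base with no containment check.
    return os.path.normpath(os.path.join(base_dir, user_path))

def safe_resolve(base_dir, user_path):
    # Canonicalize first: realpath collapses ".." and follows symlinks,
    # so the check below sees the file that would really be opened.
    base = os.path.realpath(base_dir)
    candidate = os.path.realpath(os.path.join(base, user_path))
    try:
        inside = os.path.commonpath([base, candidate]) == base
    except ValueError:  # e.g. paths on different drives on Windows
        inside = False
    if not inside:
        raise PermissionError(f"path escapes base directory: {user_path!r}")
    return candidate

def demo():
    # Constructed layout: <tmp>/uploads is the restricted directory and
    # <tmp>/secret.conf stands in for a file that must stay unreachable.
    results = {}
    with tempfile.TemporaryDirectory() as root:
        base = os.path.join(root, "uploads")
        os.mkdir(base)
        secret = os.path.join(root, "secret.conf")
        open(secret, "w").close()
        open(os.path.join(base, "report.txt"), "w").close()
        os.symlink(secret, os.path.join(base, "link"))  # symlink pointing outside
        cases = [("report.txt", "report.txt"),
                 ("../secret.conf", "../secret.conf"),
                 ("a/../../secret.conf", "a/../../secret.conf"),
                 ("<absolute>", secret),   # absolute input replaces the base in join()
                 ("link", "link")]
        for label, name in cases:
            try:
                safe_resolve(base, name)
                results[label] = True
            except PermissionError:
                results[label] = False
    return results

if __name__ == "__main__":
    print(naive_resolve("/srv/uploads", "../secret.conf"))  # lands outside the base
    print(demo())
```

String checks such as rejecting `..` miss the absolute-path and symlink cases; comparing canonical paths covers all of them in one place.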