CWE-35 : Path Traversal: '.../...//'
The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize '.../...//' (doubled triple dot slash) sequences that can resolve to a location that is outside of that directory.
Related CAPEC definitions
No related CAPEC definitions found
Please note that CWE definitions are provided as a quick reference only.
Visit http://cwe.mitre.org/ for a complete list of CWE entries
and for more details.