Path Traversal
Path traversal occurs when an application uses user-controlled file paths without proper validation or normalization. Attackers may use traversal sequences to access sensitive files, configuration data, source code, logs, or system files that should not be publicly available. This vulnerability is common in file download, upload, preview, backup, and document handling features, and can lead to sensitive information disclosure or further system compromise.
File Path Requested → Path Not Normalized → Traversal Used → Restricted File Accessed → Path Validation Enforced
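The flow above for a file download handler, as an added example that is not code from the original page: the function names, the `PathRejected` exception and the sample directory tree are assumptions constructed for illustration. It puts the unvalidated join beside a resolver that normalizes the path first and then checks that it still sits inside the served directory.

```python
import os
import tempfile
from pathlib import Path


class PathRejected(ValueError):
    """The requested path resolves outside the served directory."""


def unsafe_resolve(base_dir, requested):
    # Vulnerable: input is joined as-is; "../" or an absolute path escapes.
    return os.path.normpath(os.path.join(base_dir, requested))


def safe_resolve(base_dir, requested):
    # Normalize (collapse "..", follow symlinks), then check containment.
    if "\x00" in requested:
        raise PathRejected("NUL byte in requested path")
    base = Path(base_dir).resolve()
    candidate = (base / requested).resolve()
    if base not in candidate.parents:
        raise PathRejected(f"{requested!r} resolves outside {base}")
    return candidate


def demo():
    # Constructed sample tree: root/files is served, root/secret.txt is not.
    results = {}
    with tempfile.TemporaryDirectory() as root:
        served = Path(root, "files")
        (served / "docs").mkdir(parents=True)
        (served / "docs" / "report.txt").write_text("public")
        Path(root, "secret.txt").write_text("restricted")
        os.symlink(Path(root, "secret.txt"), served / "link.txt")
        requests = ["docs/report.txt", "docs/../docs/report.txt",
                    "../secret.txt", "docs/../../secret.txt",
                    "/etc/passwd", "link.txt"]
        for name in requests:
            try:
                safe_resolve(served, name)
                results[name] = "allowed"
            except PathRejected:
                results[name] = "rejected"
        results["unsafe_escapes"] = os.path.exists(
            unsafe_resolve(served, "../secret.txt"))
    return results


if __name__ == "__main__":
    print(demo())
```

The handler should open the path returned by `safe_resolve`, not the original request string, so the file that was validated is the file that is read.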
