SYM_JSTS_0065 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki
External Control of File Name or Path
| Property | Value |
|---|---|
| Language | |
| Severity | |
| CWE | CWE-73: External Control of File Name or Path |
| OWASP | A04:2021 - Insecure Design |
| Confidence Level | Medium |
| Impact Level | Medium |
| Likelihood Level | High |
Description
Passing request-controlled input (a query parameter, route parameter, header or body field) directly to `res.sendFile` in Express lets an attacker choose which file the server reads. `res.sendFile` accepts an absolute path, and when the value is joined to an intended directory any `../` segments it contains are honoured, so either form lets the attacker reach files outside that directory. The input should be validated (ideally against an allow-list of known file names) or resolved to a canonical absolute path and checked to lie inside the intended base directory before it is handed to `sendFile`; serving a relative name with the `root` option is a useful second layer but does not replace that check.
Impact
If exploited, an attacker can read any file the Node.js process is permitted to open, such as configuration files, `.env` files holding environment variables and credentials, or application source code, simply by submitting crafted requests. Credentials recovered this way typically enable further compromise (for example of databases or third-party services), so a single readable file can escalate into a data breach.