Standardlikelihood: Highseverity: HighDraft

CAPEC-48Passing Local Filenames to Functions That Expect a URL

Abstraction
Standard
Status
Draft
Likelihood
High
Severity
High

Description

This attack relies on client side code to access local files and resources instead of URLs. When the client browser is expecting a URL string, but instead receives a request for a local file, that execution is likely to occur in the browser process space with the browser's authority to local files. The attacker can send the results of this request to the local files out to a site that they control. This attack may be used to steal sensitive authentication data (either local or remote), or to gain system profile information to launch further attacks.

Related weaknesses· 2

CWE-241CWE-706

Related attack patterns· 1

CAPEC-212 (ChildOf)

Exploits2

TypeTargetConfidenceTier
WeaknessUse of Incorrectly-Resolved Name or Referencecwe-706100%live
WeaknessImproper Handling of Unexpected Data Typecwe-241100%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CAPEC
User-Controlled Filename
CAPEC
PHP Local File Inclusion
CAPEC
Manipulating Web Input to File System Calls
CAPEC
Local Code Inclusion
CAPEC
XSS Targeting URI Placeholders
CAPEC
PHP Remote File Inclusion
Sourced from MITRE CAPEC. Curated by Adam Lundqvist, SQUR.