CWE-51: Path Equivalence: '/multiple//internal/slash'

CWE-51: Path Equivalence: '/multiple//internal/slash' is a Common Weakness Enumeration (CWE) entry maintained by MITRE. The product accepts path input in the form of multiple internal slash ('/multiple//internal/slash/') without appropriate validation, which can lead to ambiguous path resolution and allow an attacker to traverse the file system to unintended locations or access arbitrary files.

If exploited, CWE-51 (Path Equivalence: '/multiple//internal/slash') it can compromise Confidentiality and Integrity, leading to outcomes such as Read Files or Directories and Modify Files or Directories.

CWE-51 commonly affects Not Language-Specific. Note that weaknesses are often language-agnostic patterns, so secure coding practices apply broadly.

MITRE documents real CVEs mapped to CWE-51, including CVE-2002-1483. You can look up the full details of each CVE, including CVSS scores and remediation guidance, on our CVE Lookup tool.

A CWE (Common Weakness Enumeration) like CWE-51 describes a category of software weakness — the underlying flaw type. A CVE (Common Vulnerabilities and Exposures) identifies a specific, real-world vulnerability in a particular product. In short, a CWE is the kind of mistake, and a CVE is an instance of that mistake being found in software.