CWE-59: Improper Link Resolution Before File Access ('Link Following')

BaseDraftExploit Likelihood: Medium

The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.

View on MITRE
Back to CWE Lookup

Technical Details

Structure
Simple

Applicable To

Languages
Not Language-Specific
Platforms
WindowsUnix

Learn More

Find Related CVEs

Search for vulnerabilities that exploit CWE-59

CVE vs CWE: What's the Difference?

Understanding vulnerabilities vs weaknesses

Understanding CVSS Scoring

How vulnerability severity is measured

View Full MITRE Entry

Complete technical details and references

CWE-59: Improper Link Resolution Before File Access ('Link Following') | CWE Lookup | Inventive HQ