Definition
Plain language
A security bug where an attacker tricks a program into reaching files outside the folder it was supposed to stay in.
As stated in the literature
A vulnerability class in which unsanitized input containing directory components (like dot-dot-slash) lets an attacker access files outside the intended directory; one of the standard injected-vulnerability types in agentic code-security evaluations.
Why it matters: It can expose private files a program was never meant to share, making input checking on file paths essential.
For example, a download feature that doesn't check filenames might let someone request '../../passwords' and walk right out of the intended folder to a sensitive file.