rspec/rules/S2083/common/pitfalls/partial-path-traversal.adoc

==== Partial Path Traversal

When validating untrusted paths by checking if they start with a trusted folder name,
**ensure the validation string contains a path separator as the last character**. +
A partial path traversal vulnerability can be unintentionally introduced into
the application without a path separator as the last character of the
validation strings.
Modify S2083&S6096(Education): Add Partial Path Traversal to pitfalls (#1243) 2022-09-14 19:49:53 +02:00			`==== Partial Path Traversal`

			`When validating untrusted paths by checking if they start with a trusted folder name,`
			`ensure the validation string contains a path separator as the last character. +`
			`A partial path traversal vulnerability can be unintentionally introduced into`
			`the application without a path separator as the last character of the`
			`validation strings.`