If the file upload feature is implemented without proper folder restriction, it
will result in an implicit trust violation within the server, as trusted files
will be implicitly stored alongside third-party files that should be considered
untrusted.

This can allow an attacker to disrupt the security of an internal server
process or the running application.