The software uses external input to construct a pathname that
					should be within a restricted directory, but it does not properly neutralize
					"../" sequences that can resolve to a location that is outside of that
					directory.This allows attackers to traverse the file system to access files or
						directories that are outside of the restricted directory.The "../" manipulation is the canonical manipulation for operating systems
						that use "/" as directory separators, such as UNIX- and Linux-based systems.
						In some cases, it is useful for bypassing protection schemes in environments
						for which "/" is supported but not the primary separator, such as Windows,
						which uses "\" but can also accept "/".