so.cl

Client Side Path Traversal attacks arises when a web application loads some content using XmlHTTPRequests (XHR for short) and the user have control over some section of the path where to load the resource. This may lead to achieve many kind of Client Side issues such as XSS, CSSi, etc if not correctly sanitized.

The impact depends of each application because each one threat that user controllable inputs in the javascript in a different way and with a different purpose. That’s why the context of each parameter really matters. Practical Client Side Path Traversal Attacks