CWE-641: Improper Restriction of Names for Files and Other Resources

"The product constructs the name of a file or other resource using input from an upstream component, but it does not restrict or incorrectly restricts the resulting name." - Entry from the Common Weakness Enumeration