High Severity

mlflow

Path Traversal Vulnerability in Artifact Deletion Process

A path traversal vulnerability was identified in mlflow version 2.9.2, allowing attackers to delete arbitrary directories by bypassing URL encoding checks. The vulnerability, tracked as CVE-2023-6831, was patched in a subsequent release after 2.9.2.

Available publicly on Apr 16 2024

CVSS: 8.1 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H)

Credit: ozelis

Threat Overview

The vulnerability stems from the application's handling of artifact deletion requests. Specifically, the application fails to properly decode and sanitize the 'path' parameter, allowing attackers to craft malicious URLs that bypass path validation checks. This flaw enables attackers to traverse the server's directory structure and delete files or directories outside the intended scope. The issue is exacerbated by the application's repeated decoding of the URL which, under certain conditions, bypasses the security checks designed to prevent such traversal attacks: the validation runs against a still-encoded value, and the traversal sequence only appears after a later decoding pass.

Attack Scenario

An attacker crafts a specially encoded URL that exploits the path traversal vulnerability by including encoded representations of directory traversal sequences (e.g., '../../../'). The attacker sends a DELETE request to the server with this malicious URL. Because the server validates the path before it is fully decoded, the request passes the check and the decoded path is then treated as a legitimate directory traversal, leading to the deletion of arbitrary directories on the server's filesystem.
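The check-then-decode flaw described above, shown beside a hardened validator, as an added example that is not mlflow's code; the artifact root, the function names and the sample paths are constructed for the illustration.

```python
import os
from urllib.parse import unquote

ARTIFACT_ROOT = "/srv/mlflow/artifacts"  # constructed for the example
MAX_DECODE_ROUNDS = 3


def naive_is_safe(param: str) -> bool:
    """Flawed shape: validate the once-decoded parameter, decode again later.
    A value such as '%2e%2e/%2e%2e/etc' (what the framework hands the handler
    for a double-encoded parameter) contains no '..' yet and passes."""
    return ".." not in param and not param.startswith("/")


def fully_decode(value: str) -> str:
    """Percent-decode to a fixed point, bounded so nesting cannot run forever."""
    for _ in range(MAX_DECODE_ROUNDS):
        decoded = unquote(value)
        if decoded == value:
            return value
        value = decoded
    raise ValueError("still changing after %d decode rounds" % MAX_DECODE_ROUNDS)


def resolve_artifact_path(param: str, root: str = ARTIFACT_ROOT) -> str:
    """Hardened shape: decode first, resolve, then check containment on the
    absolute path that would actually be deleted, not on the client's string."""
    path = fully_decode(param)
    if "\x00" in path or "\\" in path:
        raise ValueError("forbidden character in path")
    root_abs = os.path.realpath(root)
    # join() discards root for an absolute path; commonpath catches that too.
    target = os.path.realpath(os.path.join(root_abs, path))
    if os.path.commonpath([root_abs, target]) != root_abs:
        raise ValueError("path escapes artifact root")
    if target == root_abs:
        raise ValueError("refusing to delete the artifact root itself")
    return target


def is_safe_delete_target(param: str, root: str = ARTIFACT_ROOT) -> bool:
    """Boolean wrapper so callers can log-and-reject instead of catching."""
    try:
        resolve_artifact_path(param, root)
        return True
    except ValueError:
        return False
```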

Who is affected

Servers running mlflow version 2.9.2 are vulnerable to this attack. Administrators and users of such systems are at risk of unauthorized file and directory deletions, which could lead to data loss, service disruption, and potentially further exploitation if critical system files are targeted.
