The vulnerability stems from an insufficient path sanitization mechanism in the normalizePath() function, which fails to properly handle certain path traversal payloads. This flaw is exploited through the application's feature allowing users to set a custom logo, where the manipulated file path can point to critical files such as the application's database or configuration files. The impact is significant, allowing for information disclosure, unauthorized file manipulation, service disruption, and unauthorized system access.

An attacker with manager privileges can exploit this vulnerability by manipulating the logo file path to point to critical system files, enabling them to read, delete, or overwrite these files. For instance, by setting the logo file path to a traversal sequence leading to the application's database, the attacker can download or manipulate the database. Similarly, deleting key configuration files can disrupt the application's functionality, leading to a denial of service.

The vulnerability primarily affects users with manager roles who have the capability to set custom logos within the application. However, the broader impact includes all users and the application's operations, as unauthorized file operations and service disruptions compromise the integrity, availability, and confidentiality of the application and its data.