dcsimg
 

Top 10 Web Application Vulnerabilities

Friday Nov 24th 2017 by Developer.com Staff

These are the big mistakes that Web developers need to avoid.

The Open Web Application Security Project (OWASP) has updated its list of the top 10 most critical Web application security risks. "Change has accelerated over the last four years, and the OWASP Top 10 needed to change," OWASP wrote. "We’ve completely refactored the OWASP Top 10, revamped the methodology, utilized a new data call process, worked with the community, re-ordered our risks, rewritten each risk from the ground up, and added references to frameworks and languages that are now commonly used."

The top 10 are as follows:

  1. Injection
  2. Broken Authentication
  3. Sensitive Data Exposure
  4. XML External Entities (XXE)
  5. Broken Access Control
  6. Security Misconfiguration
  7. Cross-Site Scripting (XSS)
  8. Insecure Deserialization
  9. Using Components with Known Vulnerabilities
  10. Insufficient Logging and Monitoring

View article

Home
Mobile Site | Full Site