The OWASP 2013 Top 10 vulnerabilities reflect the state of security in web development. The OWASP Top 10 project is an excellent tool that provides insight into the ten most critical web application vulnerabilities. Using these guidelines to drive web application security assessments has become standard practice.
The Top 10 for 2013 are:
- A1 – Injection
- A2 – Broken Authentication and Session Management
- A3 – Cross-Site Scripting (XSS)
- A4 – Insecure Direct Object References
- A5 – Security Misconfiguration
- A6 – Sensitive Data Exposure
- A7 – Missing Function Level Access Control
- A8 – Cross-Site Request Forgery (CSRF)
- A9 – Using Known Vulnerable Components
- A10 – Unvalidated Redirects and Forwards
Get the full report.