Top 10 list of web application vulnerabilities released

Share this article:

Companies wanting to better secure their web applications and services can start the process by reviewing the newly released Top 10 list of critical web application security problems recently disseminated by the Open Web Application Security Project (OWASP).

The list, now in its second year, is organized into the types of vulnerabilities that frequently occur in web applications and is in line with the current draft web security definitions that will be incorporated into the soon-to-be-released OASIS WAS XML standard. This year's Top 10 also has a new category for web application denial of service vulnerabilities, which have become more prevalent during the last 12 months.

The categories in this year's Top 10 are Unvalidated Input, Broken Access Control, Broken Authentication and Session Management, Cross Site Scripting Flaws, Buffer Overflows, Injection Flaws, Improper Error Handling, Insecure Storage, Denial of Service, and Insecure Configuration Management. 

The complete Top 10 report is available for download at www.owasp.org

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

More in News

Apple implements two-factor authentication

The company followed through on its promise to up iCloud security by implementing two-factor authentication earlier this week.

C&K apologizes for unauthorized access that led to Goodwill breach

A web hosting service apologized for intermittent unauthorized access of its hosted environment over 18 months that led to the Goodwill breach.

Yelp and TinyCo settle with FTC over COPPA Rule violations

Yelp and TinyCo settle with FTC over COPPA ...

Yelp will pay $450,000, and TinyCo will pay $300,000 to settle charges that their mobile apps collected information from children under the age of 13.