Tuesday, November 25, 2008
Top 10 Web Application Security Vulnerabilities
If you develop web applications and do not know what the following 10 security threats mean or how to prevent them, the OWASP Top 10 is good reading material.
- Cross Site Scripting (XSS)
- Injection Flaws
- Malicious File Execution
- Insecure Direct Object Reference
- Cross Site Request Forgery
- Information Leakage and Improper Error Handling
- Broken Authentication and Session Management
- Insecure Cryptographic Storage
- Insecure Communications
- Failure to Restrict URL Access