OWASP Top 10 Security Concerns In 2013"

From Documentation
Line 5: Line 5:
 
= OWASP Top 10 in 2013 =
 
= OWASP Top 10 in 2013 =
  
In the subsections that follow, the top 10 security risks are described briefly. Depending on the nature of the security weaknesses, a front-end framework such as ZK is not the source of vulnerabilities.
+
In the subsections that follow, the top 10 security risks are described briefly. Depending on the nature of the security vulnerability, a front-end framework such as ZK is not the source of weaknesses that need to be strengthened.  
  
 
== Injection ==
 
== Injection ==

Revision as of 11:17, 23 March 2015

What is the OWASP Top 10?

The Open Web Application Security Project (OWASP) is a worldwide not-for-profit charitable organization focused on improving the security of software. The OWASP Top Ten is a powerful awareness document for web application security that provides a list of the 10 most critical web application security risks. The most recent version of this document was published in 2013.

OWASP Top 10 in 2013

In the subsections that follow, the top 10 security risks are described briefly. Depending on the nature of the security vulnerability, a front-end framework such as ZK is not the source of weaknesses that need to be strengthened.

Injection

Broken Authentication and Session Management

Cross-Site Scripting (XSS)

Insecure Direct Object References

Security Misconfiguration

Sensitive Data Exposure

Missing Function Level Access Control

Cross-Site Request Forgery (CSRF)

Using Components with Known Vulnerabilities

Unvalidated Redirects and Forwards

Retrieved from "https://www.zkoss.org/_w/index.php?title=ZK_Developer%27s_Reference/Security_Tips/OWASP_Top_10_Security_Concerns_In_2013&oldid=43052"