OWASP Top 10 Security Concerns In 2013"

From Documentation
m (Created page with "= What is the OWASP Top 10? = The Open Web Application Security Project (OWASP) is a worldwide not-for-profit charitable organization focused on improving the security of softwa...")
 
Line 4: Line 4:
  
 
= OWASP Top 10 in 2013 =
 
= OWASP Top 10 in 2013 =
 +
 +
In the subsections that follow, the top 10 security risks are described briefly. Depending on the nature of the security weaknesses, a front-end framework such as ZK is not the source of vulnerabilities.
  
 
== Injection ==
 
== Injection ==

Revision as of 07:24, 23 March 2015

What is the OWASP Top 10?

The Open Web Application Security Project (OWASP) is a worldwide not-for-profit charitable organization focused on improving the security of software. The OWASP Top Ten is a powerful awareness document for web application security that provides a list of the 10 most critical web application security risks. The most recent version of this document was published in 2013.

OWASP Top 10 in 2013

In the subsections that follow, the top 10 security risks are described briefly. Depending on the nature of the security weaknesses, a front-end framework such as ZK is not the source of vulnerabilities.

Injection

Broken Authentication and Session Management

Cross-Site Scripting (XSS)

Insecure Direct Object References

Security Misconfiguration

Sensitive Data Exposure

Missing Function Level Access Control

Cross-Site Request Forgery (CSRF)

Using Components with Known Vulnerabilities

Unvalidated Redirects and Forwards

Retrieved from "https://www.zkoss.org/_w/index.php?title=ZK_Developer%27s_Reference/Security_Tips/OWASP_Top_10_Security_Concerns_In_2013&oldid=43050"