https://wiki.owasp.org/index.php?action=history&feed=atom&title=Germany%2FProjekte%2FTop_10-2013-Details_zu_Risiko-Faktoren
Germany/Projekte/Top 10-2013-Details zu Risiko-Faktoren - Revision history
2026-05-02T22:44:39Z
Revision history for this page on the wiki
MediaWiki 1.27.2
https://wiki.owasp.org/index.php?title=Germany/Projekte/Top_10-2013-Details_zu_Risiko-Faktoren&diff=209856&oldid=prev
T.Gigler: Editoral Edit (underlined all links)
2016-02-27T18:10:33Z
<p>Editoral Edit (underlined all links)</p>
<table class="diff diff-contentalign-left" data-mw="interface">
<col class='diff-marker' />
<col class='diff-content' />
<col class='diff-marker' />
<col class='diff-content' />
<tr style='vertical-align: top;' lang='en'>
<td colspan='2' style="background-color: white; color:black; text-align: center;">← Older revision</td>
<td colspan='2' style="background-color: white; color:black; text-align: center;">Revision as of 18:10, 27 February 2016</td>
</tr><tr><td colspan="2" class="diff-lineno" id="mw-diff-left-l89" >Line 89:</td>
<td colspan="2" class="diff-lineno">Line 89:</td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>jeweiligen Unternehmen oder der Organisation evaluieren sollte. Einige von diesen waren schon in früheren Versionen der Top  </div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>jeweiligen Unternehmen oder der Organisation evaluieren sollte. Einige von diesen waren schon in früheren Versionen der Top  </div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>10 enthalten, andere nicht - wie z.B. neue Angriffs-Techniken. Andere wichtige Risiken sind (in alphabetischer Reihenfolge):  </div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>10 enthalten, andere nicht - wie z.B. neue Angriffs-Techniken. Andere wichtige Risiken sind (in alphabetischer Reihenfolge):  </div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>* [https://www.owasp.org/index.php/Clickjacking  Clickjacking]</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>* [https://www.owasp.org/index.php/Clickjacking  <ins class="diffchange diffchange-inline"><u></ins>Clickjacking<ins class="diffchange diffchange-inline"></u></ins>]</div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>* [https://www.owasp.org/index.php/Testing_for_Race_Conditions_(OWASP-AT-010)  Concurrency Flaws]</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>* [https://www.owasp.org/index.php/Testing_for_Race_Conditions_(OWASP-AT-010)  <ins class="diffchange diffchange-inline"><u></ins>Concurrency Flaws<ins class="diffchange diffchange-inline"></u></ins>]</div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>* [https://www.owasp.org/index.php/Application_Denial_of_Service  Denial of Service] (war in der 2004 OWASP Top 10 als Eintrag 2004-A9 enthalten)  </div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>* [https://www.owasp.org/index.php/Application_Denial_of_Service  <ins class="diffchange diffchange-inline"><u></ins>Denial of Service<ins class="diffchange diffchange-inline"></u></ins>] (war in der 2004 OWASP Top 10 als Eintrag 2004-A9 enthalten)  </div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>* [https://www.aspectsecurity.com/uploads/downloads/2011/09/ExpressionLanguageInjection.pdf  Expression Language Injection] ([http://cwe.mitre.org/data/definitions/917.html  CWE-917])</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>* [https://www.aspectsecurity.com/uploads/downloads/2011/09/ExpressionLanguageInjection.pdf  <ins class="diffchange diffchange-inline"><u></ins>Expression Language Injection<ins class="diffchange diffchange-inline"></u></ins>] ([http://cwe.mitre.org/data/definitions/917.html  <ins class="diffchange diffchange-inline"><u></ins>CWE-917<ins class="diffchange diffchange-inline"></u></ins>])</div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>* [http://projects.webappsec.org/Information-Leakage  Information Leakage] und [https://www.owasp.org/index.php/Top_10_2007-A6  Improper Error Handling] <del class="diffchange diffchange-inline">( </del>(war Teil der 2007er Top 10 – [https://www.owasp.org/index.php/Top_10_2007-A6 Eintrag 2007-A6])</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>* [http://projects.webappsec.org/Information-Leakage  <ins class="diffchange diffchange-inline"><u></ins>Information Leakage<ins class="diffchange diffchange-inline"></u></ins>] und [https://www.owasp.org/index.php/Top_10_2007-A6  <ins class="diffchange diffchange-inline"><u></ins>Improper Error Handling<ins class="diffchange diffchange-inline"></u></ins>] (war Teil der 2007er Top 10 – [https://www.owasp.org/index.php/Top_10_2007-A6 <ins class="diffchange diffchange-inline"><u></ins>Eintrag 2007-A6<ins class="diffchange diffchange-inline"></u></ins>])</div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>* [http://projects.webappsec.org/Insufficient+Anti-automation Insufficient Anti-automation] ([http://cwe.mitre.org/data/definitions/799.html  CWE-799])</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>* [http://projects.webappsec.org/Insufficient+Anti-automation <ins class="diffchange diffchange-inline"><u></ins>Insufficient Anti-automation<ins class="diffchange diffchange-inline"></u></ins>] ([http://cwe.mitre.org/data/definitions/799.html  <ins class="diffchange diffchange-inline"><u></ins>CWE-799<ins class="diffchange diffchange-inline"></u></ins>])</div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>* Insufficient Logging and Accountability <del class="diffchange diffchange-inline">(</del>(floss in 2007 Top 10 – [https://www.owasp.org/index.php/Top_10_2007-A6  Eintrag 2007-A6])</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>* Insufficient Logging and Accountability (floss in 2007 Top 10 – [https://www.owasp.org/index.php/Top_10_2007-A6  <ins class="diffchange diffchange-inline"><u></ins>Eintrag 2007-A6<ins class="diffchange diffchange-inline"></u></ins>])</div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>* [https://www.owasp.org/index.php/ApplicationLayerIntrustionDetection <del class="diffchange diffchange-inline"> </del>Lack of Intrusion Detection and Response]</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>* [https://www.owasp.org/index.php/ApplicationLayerIntrustionDetection <ins class="diffchange diffchange-inline"><u></ins>Lack of Intrusion Detection and Response<ins class="diffchange diffchange-inline"></u></ins>]</div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>* [https://www.owasp.org/index.php/Top_10_2007-A3  Malicious File Execution] (war in 2007er Top 10 – [https://www.owasp.org/index.php/Top_10_2007-A3  Eintrag 2007-A3])</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>* [https://www.owasp.org/index.php/Top_10_2007-A3  <ins class="diffchange diffchange-inline"><u></ins>Malicious File Execution<ins class="diffchange diffchange-inline"></u></ins>] (war in 2007er Top 10 – [https://www.owasp.org/index.php/Top_10_2007-A3  <ins class="diffchange diffchange-inline"><u></ins>Eintrag 2007-A3<ins class="diffchange diffchange-inline"></u></ins>])</div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>* [http://en.wikipedia.org/wiki/Mass_assignment_vulnerability  Mass Assignment] ([http://cwe.mitre.org/data/definitions/915.html  CWE-915])</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>* [http://en.wikipedia.org/wiki/Mass_assignment_vulnerability  <ins class="diffchange diffchange-inline"><u></ins>Mass Assignment<ins class="diffchange diffchange-inline"></u></ins>] ([http://cwe.mitre.org/data/definitions/915.html  <ins class="diffchange diffchange-inline"><u></ins>CWE-915<ins class="diffchange diffchange-inline"></u></ins>])</div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>* [https://www.owasp.org/index.php/Privacy_Violation <del class="diffchange diffchange-inline"> </del>User Privacy], vgl auch [[OWASP Top 10 Privacy Risks Project|OWASP Top 10 Privacy Risks]]-Projekt</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>* [https://www.owasp.org/index.php/Privacy_Violation <ins class="diffchange diffchange-inline"><u></ins>User Privacy<ins class="diffchange diffchange-inline"></u></ins>], vgl auch [[OWASP Top 10 Privacy Risks Project|<ins class="diffchange diffchange-inline"><u></ins>OWASP Top 10 Privacy Risks<ins class="diffchange diffchange-inline"></u></ins>]]-Projekt</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>{{Top_10:SubsectionTableEndTemplate}}</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>{{Top_10:SubsectionTableEndTemplate}}</div></td></tr>
</table>
T.Gigler
https://wiki.owasp.org/index.php?title=Germany/Projekte/Top_10-2013-Details_zu_Risiko-Faktoren&diff=209852&oldid=prev
T.Gigler: Editoral Edit
2016-02-27T17:42:35Z
<p>Editoral Edit</p>
<table class="diff diff-contentalign-left" data-mw="interface">
<col class='diff-marker' />
<col class='diff-content' />
<col class='diff-marker' />
<col class='diff-content' />
<tr style='vertical-align: top;' lang='en'>
<td colspan='2' style="background-color: white; color:black; text-align: center;">← Older revision</td>
<td colspan='2' style="background-color: white; color:black; text-align: center;">Revision as of 17:42, 27 February 2016</td>
</tr><tr><td colspan="2" class="diff-lineno" id="mw-diff-left-l17" >Line 17:</td>
<td colspan="2" class="diff-lineno">Line 17:</td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>Bedrohungsquellen gibt, die den notwendigen Angriff ausführen können oder die tatsächlichen Auswirkungen auf das  </div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>Bedrohungsquellen gibt, die den notwendigen Angriff ausführen können oder die tatsächlichen Auswirkungen auf das  </div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>Unternehmen und die Geschäftsprozesse zu vernachlässigen sind.  </div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>Unternehmen und die Geschäftsprozesse zu vernachlässigen sind.  </div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div><del style="font-weight: bold; text-decoration: none;"></del></div></td><td colspan="2"> </td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div><center></div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div><center></div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div><table style="align:center; border-collapse: collapse; text-align:center; margin: 0px 5px 0px 5px; border: 3px solid #444444;  </div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div><table style="align:center; border-collapse: collapse; text-align:center; margin: 0px 5px 0px 5px; border: 3px solid #444444;  </div></td></tr>
</table>
T.Gigler
https://wiki.owasp.org/index.php?title=Germany/Projekte/Top_10-2013-Details_zu_Risiko-Faktoren&diff=209850&oldid=prev
T.Gigler: Final Update according to German Translation of the Top 10
2016-02-27T17:39:10Z
<p>Final Update according to German Translation of the Top 10</p>
<a href="https://wiki.owasp.org/index.php?title=Germany/Projekte/Top_10-2013-Details_zu_Risiko-Faktoren&diff=209850&oldid=153871">Show changes</a>
T.Gigler
https://wiki.owasp.org/index.php?title=Germany/Projekte/Top_10-2013-Details_zu_Risiko-Faktoren&diff=153871&oldid=prev
T.Gigler: Import vom engl. Wiki, mit language=de
2013-06-15T20:38:34Z
<p>Import vom engl. Wiki, mit language=de</p>
<p><b>New page</b></p><div>{{Top_10_2013:TopTemplate<br />
|usenext=Nothing<br />
|next=<br />
|useprev=2013PrevLink<br />
|prev={{Top_10:LanguageFile|text=noteAboutRisks|language=de}}<br />
|year=2013<br />
|language=de<br />
}}<br />
<br />
{{Top_10:SubsectionTableBeginTemplate|type=main}} {{Top_10_2010:SubsectionAdvancedTemplate|type={{Top_10_2010:StyleTemplate}}|subsection=freetext|position=firstWhole|title={{Top_10:LanguageFile|text=top10RiskFactorSummary|language=de}}|width=100%|year=2013|language=de}}<br />
<br />
The following table presents a summary of the 2013 Top 10 Application Security Risks, and the risk factors we have assigned to each risk. These factors were determined based on the available statistics and the experience of the OWASP Top 10 team. To understand these risks for a particular application or organization, <u>you must consider your own specific threat agents and business impacts</u>. Even egregious software weaknesses may not present a serious risk if there are no threat agents in a position to perform the necessary attack or the business impact is negligible for the assets involved.<br />
<br />
<center><br />
<table style="align:center; border-collapse: collapse; text-align:center; margin: 0px 5px 0px 5px; border: 3px solid #444444; <br />
<br />
background-color: {{Top 10:BackgroundColor|year=2013 }};<br />
padding=2;"><br />
<br />
<tr style="background-color: {{Top 10:BorderColor|year=2013}}; height: 2em; font-size: 130%; color: #FFFFFF; text-shadow: 2px 2px 8px #444444; "><br />
<th style="border: 3px solid #444444;">{{Top_10:LanguageFile|text=risk|language=de}}</th><br />
<th style="border: 3px solid #444444;">{{Top_10:LanguageFile|text=threatAgents|language=de}}</th><br />
<th style="border: 3px solid #444444;">{{Top_10:LanguageFile|text=attackVectors|language=de}}</th><br />
<th style="border: 3px solid #444444;">{{Top_10:LanguageFile|text=securityWeakness|language=de}}<div style="font-size: 60%;">({{Top_10:LanguageFile|text=prevalence|language=de}})</div></th><br />
<th style="border: 3px solid #444444;">{{Top_10:LanguageFile|text=securityWeakness|language=de}}<div style="font-size: 60%;">({{Top_10:LanguageFile|text=detectability|language=de}})</div></th><br />
<th style="border: 3px solid #444444;">{{Top_10:LanguageFile|text=technicalImpacts|language=de}}</th><br />
<th style="border: 3px solid #444444;">{{Top_10:LanguageFile|text=businessImpacts|language=de}}</th><br />
</tr><br />
<tr><td style="border: 3px solid #444444;">[[{{Top_10:LanguageFile|text=documentRootTop10|year=2013|language=de}}-A1-{{Top_10_2010:ByTheNumbers|1|language=de|year=2013}}|A1-{{Top_10_2010:ByTheNumbers|1|language=de|year=2013}}]]</td><br />
<td style="border: 3px solid #444444;"><b>{{Top_10:LanguageFile|text=appSpecific|language=de}}</b></td><br />
{{Top_10:SummaryTableTemplate|type=valueOnly|exploitability=1|prevalence=2|detectability=2|impact=1|language=de|year=2013}}<br />
<td style="border: 3px solid #444444"><b>{{Top_10:LanguageFile|text=appSpecific|language=de}}</b></td></tr><br />
<br />
<tr><td style="border: 3px solid #444444;">[[{{Top_10:LanguageFile|text=documentRootTop10|year=2013|language=de}}-A2-{{Top_10_2010:ByTheNumbers|2|language=de|year=2013}}|A2-{{Top_10:LanguageFile|text=authentication|year=2013|language=de}}]]</td><br />
<td style="border: 3px solid #444444;"><b>{{Top_10:LanguageFile|text=appSpecific|language=de}}</b></td><br />
{{Top_10:SummaryTableTemplate|type=valueOnly|exploitability=2|prevalence=1|detectability=2|impact=1|language=de|year=2013}}<br />
<td style="border: 3px solid #444444"><b>{{Top_10:LanguageFile|text=appSpecific|language=de}}</b></td></tr><br />
<br />
<br />
<tr><td style="border: 3px solid #444444;">[[{{Top_10:LanguageFile|text=documentRootTop10|year=2013|language=de}}-A3-{{Top_10_2010:ByTheNumbers|3|language=de|year=2013}}|A3-{{Top_10:LanguageFile|text=xssShort|year=2013|language=de}}]]</td><br />
<td style="border: 3px solid #444444;"><b>{{Top_10:LanguageFile|text=appSpecific|language=de}}</b></td><br />
{{Top_10:SummaryTableTemplate|type=valueOnly|exploitability=2|prevalence=0|detectability=1|impact=2|language=de|year=2013}}<br />
<td style="border: 3px solid #444444"><b>{{Top_10:LanguageFile|text=appSpecific|language=de}}</b></td></tr><br />
<br />
<tr><td style="border: 3px solid #444444;">[[{{Top_10:LanguageFile|text=documentRootTop10|year=2013|language=de}}-A4-{{Top_10_2010:ByTheNumbers|4|language=de|year=2013}}|A4-{{Top_10:LanguageFile|text=insecureDOR|year=2013|language=de}}]]</td><td style="border: 3px solid #444444;"><b>{{Top_10:LanguageFile|text=appSpecific|language=de}}</b></td><br />
{{Top_10:SummaryTableTemplate|type=valueOnly|exploitability=1|prevalence=2|detectability=1|impact=2|language=de|year=2013}}<br />
<td style="border: 3px solid #444444"><b>{{Top_10:LanguageFile|text=appSpecific|language=de}}</b></td></tr><br />
<br />
<tr><td style="border: 3px solid #444444;">[[{{Top_10:LanguageFile|text=documentRootTop10|year=2013|language=de}}-A5-{{Top_10_2010:ByTheNumbers|5|language=de|year=2013}}|A5-{{Top_10:LanguageFile|text=misconfig|year=2013|language=de}}]]</td><br />
<td style="border: 3px solid #444444;"><b>{{Top_10:LanguageFile|text=appSpecific|language=de}}</b></td><br />
{{Top_10:SummaryTableTemplate|type=valueOnly|exploitability=1|prevalence=2|detectability=1|impact=2|language=de|year=2013}}<br />
<td style="border: 3px solid #444444"><b>{{Top_10:LanguageFile|text=appSpecific|language=de}}</b></td></tr><br />
<br />
<tr><td style="border: 3px solid #444444;">[[{{Top_10:LanguageFile|text=documentRootTop10|year=2013|language=de}}-A6-{{Top_10_2010:ByTheNumbers|6|language=de|year=2013}}|A6-{{Top_10:LanguageFile|text=sensData|year=2013|language=de}}]]</td><br />
<td style="border: 3px solid #444444;"><b>{{Top_10:LanguageFile|text=appSpecific|language=de}}</b></td><br />
{{Top_10:SummaryTableTemplate|type=valueOnly|exploitability=3|prevalence=3|detectability=2|impact=1|language=de|year=2013}}<br />
<td style="border: 3px solid #444444"><b>{{Top_10:LanguageFile|text=appSpecific|language=de}}</b></td></tr><br />
<br />
<tr><td style="border: 3px solid #444444;">[[{{Top_10:LanguageFile|text=documentRootTop10|year=2013|language=de}}-A7-{{Top_10_2010:ByTheNumbers|7|language=de|year=2013}}|A7-{{Top_10:LanguageFile|text=functionAcc|year=2013|language=de}}]]</td><br />
<td style="border: 3px solid #444444;"><b>{{Top_10:LanguageFile|text=appSpecific|language=de}}</b></td><br />
{{Top_10:SummaryTableTemplate|type=valueOnly|exploitability=1|prevalence=2|detectability=2|impact=2|language=de|year=2013}}<br />
<td style="border: 3px solid #444444"><b>{{Top_10:LanguageFile|text=appSpecific|language=de}}</b></td></tr><br />
<br />
<tr><td style="border: 3px solid #444444;">[[{{Top_10:LanguageFile|text=documentRootTop10|year=2013|language=de}}-A8-{{Top_10_2010:ByTheNumbers|8|language=de|year=2013}}|A8-{{Top_10:LanguageFile|text=csrfShort|year=2013|language=de}}]]</td><br />
<td style="border: 3px solid #444444;"><b>{{Top_10:LanguageFile|text=appSpecific|language=de}}</b></td><br />
{{Top_10:SummaryTableTemplate|type=valueOnly|exploitability=2|prevalence=2|detectability=1|impact=2|language=de|year=2013}}<br />
<td style="border: 3px solid #444444"><b>{{Top_10:LanguageFile|text=appSpecific|language=de}}</b></td></tr><br />
<br />
<tr><td style="border: 3px solid #444444;">[[{{Top_10:LanguageFile|text=documentRootTop10|year=2013|language=de}}-A9-{{Top_10_2010:ByTheNumbers|9|language=de|year=2013}}|A9-{{Top_10:LanguageFile|text=vulnComponents|year=2013|language=de}}]]</td><br />
<td style="border: 3px solid #444444;"><b>{{Top_10:LanguageFile|text=appSpecific|language=de}}</b></td><br />
{{Top_10:SummaryTableTemplate|type=valueOnly|exploitability=2|prevalence=1|detectability=3|impact=2|language=de|year=2013}}<br />
<td style="border: 3px solid #444444"><b>{{Top_10:LanguageFile|text=appSpecific|language=de}}</b></td></tr><br />
<br />
<tr><td style="border: 3px solid #444444;">[[{{Top_10:LanguageFile|text=documentRootTop10|year=2013|language=de}}-A10-{{Top_10_2010:ByTheNumbers|10|language=de|year=2013}}|A10-{{Top_10:LanguageFile|text=unvalRedirects|year=2013|language=de}}]]</td><br />
<td style="border: 3px solid #444444;"><b>{{Top_10:LanguageFile|text=appSpecific|language=de}}</b></td><br />
{{Top_10:SummaryTableTemplate|type=valueOnly|exploitability=2|prevalence=3|detectability=1|impact=2|language=de|year=2013}}<br />
<td style="border: 3px solid #444444"><b>{{Top_10:LanguageFile|text=appSpecific|language=de}}</b></td></tr><br />
<br />
</table></center> <!-- End risk table --><br />
<br />
<br />
{{Top_10_2010:SubsectionAdvancedTemplate|type={{Top_10_2010:StyleTemplate}}|subsection=freetext|position=whole|title={{Top_10:LanguageFile|text=additionalRisksToConsider|language=de}}|width=100%|year=2013|language=de}}<br />
The Top 10 cover a lot of ground, but there are many other risks you should consider and evaluate in your organization. Some of these have appeared in previous versions of the Top 10, and others have not, including new attack techniques that are being identified all the time. Other important application security risks (in alphabetical order) that you should also consider include:<br />
* [https://www.owasp.org/index.php/Clickjacking Clickjacking]<br />
* [https://www.owasp.org/index.php/Testing_for_Race_Conditions_(OWASP-AT-010) Concurrency Flaws]<br />
* [https://www.owasp.org/index.php/Application_Denial_of_Service Denial of Service] (Was 2004 Top 10 – Entry 2004-A9)<br />
* [https://www.aspectsecurity.com/uploads/downloads/2011/09/ExpressionLanguageInjection.pdf Expression Language Injection] ([http://cwe.mitre.org/data/definitions/917.html CWE-917])<br />
* [http://projects.webappsec.org/Information-Leakage Information Leakage] and [https://www.owasp.org/index.php/Top_10_2007-A6 Improper Error Handling] (Was part of 2007 Top 10 – [https://www.owasp.org/index.php/Top_10_2007-A6 Entry 2007-A6])<br />
* [http://projects.webappsec.org/Insufficient+Anti-automation Insufficient Anti-automation] ([http://cwe.mitre.org/data/definitions/799.html CWE-799])<br />
* Insufficient Logging and Accountability (Related to 2007 Top 10 – [https://www.owasp.org/index.php/Top_10_2007-A6 Entry 2007-A6])<br />
* [https://www.owasp.org/index.php/ApplicationLayerIntrustionDetection Lack of Intrusion Detection and Response]<br />
* [https://www.owasp.org/index.php/Top_10_2007-A3 Malicious File Execution] (Was 2007 Top 10 – [https://www.owasp.org/index.php/Top_10_2007-A3 Entry 2007-A3])<br />
* [http://en.wikipedia.org/wiki/Mass_assignment_vulnerability Mass Assignment] ([http://cwe.mitre.org/data/definitions/915.html CWE-915])<br />
* [https://www.owasp.org/index.php/Privacy_Violation User Privacy]<br />
<br />
{{Top_10:SubsectionTableEndTemplate}}<br />
{{Top_10_2013:BottomTemplate<br />
|usenext=Nothing<br />
|useprev=2013PrevLink<br />
|prev={{Top_10:LanguageFile|text=noteAboutRisks|language=de}}<br />
|next=<br />
|year=2013<br />
|language=de<br />
}}</div>
T.Gigler