https://wiki.owasp.org/index.php?action=history&feed=atom&title=Germany%2FProjekte%2FTop_10_fuer_Entwickler-2013%2FNeuerungen
Germany/Projekte/Top 10 fuer Entwickler-2013/Neuerungen - Revision history
2026-05-04T04:50:38Z
Revision history for this page on the wiki
MediaWiki 1.27.2
https://wiki.owasp.org/index.php?title=Germany/Projekte/Top_10_fuer_Entwickler-2013/Neuerungen&diff=209643&oldid=prev
T.Gigler: Updated according to OWASP Top10 2013 DE
2016-02-25T16:15:37Z
<p>Updated according to OWASP Top10 2013 DE</p>
<table class="diff diff-contentalign-left" data-mw="interface">
<col class='diff-marker' />
<col class='diff-content' />
<col class='diff-marker' />
<col class='diff-content' />
<tr style='vertical-align: top;' lang='en'>
<td colspan='2' style="background-color: white; color:black; text-align: center;">← Older revision</td>
<td colspan='2' style="background-color: white; color:black; text-align: center;">Revision as of 16:15, 25 February 2016</td>
</tr><tr><td colspan="2" class="diff-lineno" id="mw-diff-left-l13" >Line 13:</td>
<td colspan="2" class="diff-lineno">Line 13:</td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>}}</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>}}</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>{{Top_10:SubsectionTableBeginTemplate|type=main}}{{Top_10_2010:SubsectionAdvancedTemplate|type={{Top_10_2010:StyleTemplate}}|subsection=freetext|position=firstWhole|title={{Top_10:LanguageFile|text=whatChangedFrom2010to2013|year=2013|language=de}}|width=100%|year=2013|language=de}}</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>{{Top_10:SubsectionTableBeginTemplate|type=main}}{{Top_10_2010:SubsectionAdvancedTemplate|type={{Top_10_2010:StyleTemplate}}|subsection=freetext|position=firstWhole|title={{Top_10:LanguageFile|text=whatChangedFrom2010to2013|year=2013|language=de}}|width=100%|year=2013|language=de}}</div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div><del class="diffchange diffchange-inline">The threat landscape for applications security constantly changes</del>. <del class="diffchange diffchange-inline">Key factors in this evolution are advances made by attackers</del>, <del class="diffchange diffchange-inline">the release of new technologies with new weaknesses as well as more built in defenses</del>, <del class="diffchange diffchange-inline">and the deployment of increasingly complex systems</del>. <del class="diffchange diffchange-inline">To keep pace</del>, <del class="diffchange diffchange-inline">we periodically update the </del>OWASP Top 10. In <del class="diffchange diffchange-inline">this </del>2013 <del class="diffchange diffchange-inline">release, we made the following changes</del>:</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins class="diffchange diffchange-inline">Die Bedrohungen für die Sicherheit von Anwendungen ändern sich permanent</ins>. <ins class="diffchange diffchange-inline">Schlüsselfaktoren dieser Weiterentwicklung sind die Fortschritte</ins>, <ins class="diffchange diffchange-inline">die Angreifer machen</ins>, <ins class="diffchange diffchange-inline">Veröffentlichungen neuer Technologien mit neuen Schwachstellen oder integrierte Abwehrmechanismen und der Einsatz immer komplexerer Systeme</ins>. <ins class="diffchange diffchange-inline">Um mit dieser Entwicklung Schritt zu halten</ins>, <ins class="diffchange diffchange-inline">aktualisieren wir die </ins>OWASP Top 10 <ins class="diffchange diffchange-inline">regelmäßig</ins>. In <ins class="diffchange diffchange-inline">der vorliegenden Version </ins>2013 <ins class="diffchange diffchange-inline">gibt es die folgenden Änderungen</ins>:</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div><ol></div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div><ol></div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div><li><del class="diffchange diffchange-inline">Broken Authentication and </del>Session Management <del class="diffchange diffchange-inline">moved up in prevalence based on our data set</del>,<del class="diffchange diffchange-inline">. Probably because this area is being looked at harder</del>, <del class="diffchange diffchange-inline">not because issues are actually more prevalent</del>. <del class="diffchange diffchange-inline">This caused Risks </del>A2 <del class="diffchange diffchange-inline">and </del>A3 <del class="diffchange diffchange-inline">to switch places.</del></li></div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div> </div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div><li>Cross-Site Request Forgery (CSRF) <del class="diffchange diffchange-inline">moved down </del>in <del class="diffchange diffchange-inline">prevalence based on our data set from </del>2010-A5 <del class="diffchange diffchange-inline">to </del>2013-A8. <del class="diffchange diffchange-inline">We believe this is because </del>CSRF <del class="diffchange diffchange-inline">has been </del>in <del class="diffchange diffchange-inline">the </del>OWASP Top 10 <del class="diffchange diffchange-inline">for 6 years</del>, <del class="diffchange diffchange-inline">and organizations and framework developers have focused on it enough to significantly reduce the number of </del>CSRF <del class="diffchange diffchange-inline">vulnerabilities </del>in <del class="diffchange diffchange-inline">real world applications</del>.</li></div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><li><ins class="diffchange diffchange-inline">Die Häufigkeit der Kategorie „''Fehler in Authentifizierung und </ins>Session Management<ins class="diffchange diffchange-inline">''“ ist den Daten nach gestiegen. Wir glauben, dass dies nicht an einer tatsächlichen Steigerung der Häufigkeit liegt</ins>, <ins class="diffchange diffchange-inline">sondern daran</ins>, <ins class="diffchange diffchange-inline">dass dieser Bereich stärker in den Fokus geraten ist</ins>. <ins class="diffchange diffchange-inline">Daher sind die Risiken </ins>A2 <ins class="diffchange diffchange-inline">und </ins>A3 <ins class="diffchange diffchange-inline">in ihrer Reihenfolge getauscht worden</ins></li></div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div><li><del class="diffchange diffchange-inline">We broadened Failure to Restrict </del>URL <del class="diffchange diffchange-inline">Access from the 2010 </del>OWASP Top 10 <del class="diffchange diffchange-inline">to be more inclusive</del>:</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div> </div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><li><ins class="diffchange diffchange-inline">„''</ins>Cross-Site Request Forgery (CSRF)<ins class="diffchange diffchange-inline">''” rutschte aufgrund unserer Datenbasis </ins>in <ins class="diffchange diffchange-inline">der Häufigkeit von </ins>2010-A5 <ins class="diffchange diffchange-inline">auf </ins>2013-A8. CSRF <ins class="diffchange diffchange-inline">ist seit 6 Jahren </ins>in <ins class="diffchange diffchange-inline">den </ins>OWASP Top 10 <ins class="diffchange diffchange-inline">zu finden. Wir glauben, dass sich daher in dieser Zeit Organisationen, Firmen und Entwickler von Frameworks genug mit diesem Thema beschäftigt haben</ins>, <ins class="diffchange diffchange-inline">um die Zahl von </ins>CSRF<ins class="diffchange diffchange-inline">-Schwachstellen </ins>in <ins class="diffchange diffchange-inline">produktiven Anwendungen signifikant zu senken</ins>.</li></div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div> </div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><li><ins class="diffchange diffchange-inline">Wir haben die Kategorie „''Mangelhafter </ins>URL<ins class="diffchange diffchange-inline">-Zugriffschutz''” aus den </ins>OWASP Top 10 <ins class="diffchange diffchange-inline">2010 erweitert und verallgemeinert</ins>:</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div><p style="padding-left: 2em; text-indent: -2em;"></div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div><p style="padding-left: 2em; text-indent: -2em;"></div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>+&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;2010-A8: <del class="diffchange diffchange-inline">Failure to Restrict </del>URL <del class="diffchange diffchange-inline">Access is now <u></del>2013-A7: <del class="diffchange diffchange-inline">Missing Function Level Access Control</u> – to cover all of function level access control</del>. <del class="diffchange diffchange-inline">There are many ways to specify which function is being accessed</del>, <del class="diffchange diffchange-inline">not just the </del>URL.</p></li></div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>+&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;2010-A8:<ins class="diffchange diffchange-inline">„''Mangelhafter </ins>URL<ins class="diffchange diffchange-inline">-Zugriffschutz''” ist nun zu </ins>2013-A7: <ins class="diffchange diffchange-inline">„''Fehlerhafte Autorisierung auf Anwendungsebene''” geworden</ins>. <ins class="diffchange diffchange-inline">Um den Zugriffsschutz und die Autorisierung auf Anwendungsebene sicherzustellen gibt es viele Möglichkeiten</ins>, <ins class="diffchange diffchange-inline">eben nicht nur die </ins>URL.</p></li></div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div><li><del class="diffchange diffchange-inline">We merged and broadened </del>2010-A7 <del class="diffchange diffchange-inline">& 2010-</del>A9 <del class="diffchange diffchange-inline">to CREATE: <u></del>2013-A6: <del class="diffchange diffchange-inline">Sensitive Data Exposure</u></del>:</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div> </div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><li>2010-A7 <ins class="diffchange diffchange-inline">und </ins>A9 <ins class="diffchange diffchange-inline">wurden zusammengefasst, um daraus </ins>2013-A6: <ins class="diffchange diffchange-inline">„''Verlust der Vertraulichkeit sensibler Daten''“ zu machen</ins>:</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div><p style="padding-left: 2em; text-indent: -2em;"></div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div><p style="padding-left: 2em; text-indent: -2em;"></div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>-&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<del class="diffchange diffchange-inline">This new category was created by merging </del>2010-A7 – <del class="diffchange diffchange-inline">Insecure Cryptographic Storage  & </del>2010-A9 <del class="diffchange diffchange-inline">- Insufficient Transport Layer Protection, plus adding browser side sensitive data risks as well</del>. <del class="diffchange diffchange-inline">This new category covers sensitive data protection </del>(<del class="diffchange diffchange-inline">other than access control which is covered by </del>2013-A4 <del class="diffchange diffchange-inline">and </del>2013-A7) <del class="diffchange diffchange-inline">from the moment sensitive data is provided by the user</del>, <del class="diffchange diffchange-inline">sent to and stored within the application, and then sent back to the browser again</del>.</p></li></div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>-&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<ins class="diffchange diffchange-inline">Diese neue Kategorie wurde durch das Zusammenlegen von </ins>2010-A7 – <ins class="diffchange diffchange-inline">„''Kryptografisch unsichere Speicherung''“ und </ins>2010-A9 <ins class="diffchange diffchange-inline">– „''Unzureichende Absicherung der Transportschicht''“ zusätzlich mit den Risiken sensibler Daten im Browser geschaffen</ins>. <ins class="diffchange diffchange-inline">Sie beinhaltet den Schutz der Vertraulichkeit sensibler Daten </ins>(<ins class="diffchange diffchange-inline">anders als die Zugriffskontrollen aus </ins>2013-A4 <ins class="diffchange diffchange-inline">und </ins>2013-A7) <ins class="diffchange diffchange-inline">vom Moment der Eingabe über den Transport zum Server</ins>, <ins class="diffchange diffchange-inline">die Verarbeitung und die Speicherung im Server bis hin zur erneuten Auslieferung an den Benutzer</ins>.</p></li></div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div><li><del class="diffchange diffchange-inline">We added: <u></del>2013-A9: <del class="diffchange diffchange-inline">Using Components with Known Vulnerabilities</u></del>:</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div> </div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><li><ins class="diffchange diffchange-inline">Wir haben </ins>2013-A9: <ins class="diffchange diffchange-inline">„''Verwendung von Komponenten mit bekannten Schwachstellen''” hinzugefügt:</ins>:</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div><p style="padding-left: 2em; text-indent: -2em;"></div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div><p style="padding-left: 2em; text-indent: -2em;"></div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>+&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<del class="diffchange diffchange-inline">This issue was mentioned as part of </del>2010-A6 – <del class="diffchange diffchange-inline">Security Misconfiguration</del>, <del class="diffchange diffchange-inline">but now has a category of its own as the growth and depth of component based development has significantly increased the risk of using components with known vulnerabilities</del>.</p></li></div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>+&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<ins class="diffchange diffchange-inline">Dieser Punkt wurde als Teil von </ins>2010-A6 – <ins class="diffchange diffchange-inline">„''Sicherheitsrelevante Fehlkonfiguration''” erwähnt</ins>, <ins class="diffchange diffchange-inline">nun aber zur eigenen Kategorie gemacht: Die generelle Zunahme und die steigende Komplexität von komponentenbasierten Entwicklungen hat das Risiko, Komponenten mit bekannten Schwachstellen einzusetzen, signifikant erhöht</ins>.</p></li></div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div></ol></div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div></ol></div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>{{Top_10:SubsectionTableEndTemplate}}</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>{{Top_10:SubsectionTableEndTemplate}}</div></td></tr>
<tr><td colspan="2" class="diff-lineno" id="mw-diff-left-l32" >Line 32:</td>
<td colspan="2" class="diff-lineno">Line 37:</td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>{| style="width: 99%; align:center; text-align:center; border: 2px solid #4d953d; background-color:#F2F2F2; padding=2;"  </div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>{| style="width: 99%; align:center; text-align:center; border: 2px solid #4d953d; background-color:#F2F2F2; padding=2;"  </div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|- style="background-color: #4d953d; color: #FFFFFF;"</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|- style="background-color: #4d953d; color: #FFFFFF;"</div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>! OWASP Top 10 - 2010 (<del class="diffchange diffchange-inline">Previous Version</del>) !! OWASP Top 10 - 2013 (<del class="diffchange diffchange-inline">Current Version</del>)</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>! OWASP Top 10 - 2010 (<ins class="diffchange diffchange-inline">alt</ins>) !! OWASP Top 10 - 2013 (<ins class="diffchange diffchange-inline">neu</ins>)</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|- style="background-color: #FFFFFF;"  </div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|- style="background-color: #FFFFFF;"  </div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>| [[Top_10_2010-A1 | A1-<del class="diffchange diffchange-inline">Injection</del>]]</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>| [[Top_10_2010-A1 | A1-<ins class="diffchange diffchange-inline">{{Top_10_2010:ByTheNumbers|1|language=de|year=2010}}</ins>]]</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| [[{{Top_10:LanguageFile|text=documentRootTop10|year=2013|language=de}}-A1-{{Top_10_2010:ByTheNumbers|1|language=de|year=2013}}|A1-{{Top_10_2010:ByTheNumbers|1|language=de|year=2013}}]]</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| [[{{Top_10:LanguageFile|text=documentRootTop10|year=2013|language=de}}-A1-{{Top_10_2010:ByTheNumbers|1|language=de|year=2013}}|A1-{{Top_10_2010:ByTheNumbers|1|language=de|year=2013}}]]</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|- style="background-color: #FFFFFF;"  </div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|- style="background-color: #FFFFFF;"  </div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>| [[Top_10_2010-A3 | A3-<del class="diffchange diffchange-inline">Broken Authentication and Session Management</del>]]</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>| [[Top_10_2010-A3 | A3-<ins class="diffchange diffchange-inline">{{Top_10_2010:ByTheNumbers|3|language=de|year=2010}}</ins>]]</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| [[{{Top_10:LanguageFile|text=documentRootTop10|year=2013|language=de}}-A2-{{Top_10_2010:ByTheNumbers|2|language=de|year=2013}}|A2-{{Top_10_2010:ByTheNumbers|2|language=de|year=2013}}]]</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| [[{{Top_10:LanguageFile|text=documentRootTop10|year=2013|language=de}}-A2-{{Top_10_2010:ByTheNumbers|2|language=de|year=2013}}|A2-{{Top_10_2010:ByTheNumbers|2|language=de|year=2013}}]]</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|- style="background-color: #FFFFFF;"  </div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|- style="background-color: #FFFFFF;"  </div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>| [[Top_10_2010-A2 | A2-<del class="diffchange diffchange-inline">Cross Site Scripting (XSS)</del>]]</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>| [[Top_10_2010-A2 | A2-<ins class="diffchange diffchange-inline">{{Top_10_2010:ByTheNumbers|2|language=de|year=2010}}</ins>]]</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| [[{{Top_10:LanguageFile|text=documentRootTop10|year=2013|language=de}}-A3-{{Top_10_2010:ByTheNumbers|3|language=de|year=2013}}|A3-{{Top_10_2010:ByTheNumbers|3|language=de|year=2013}}]]</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| [[{{Top_10:LanguageFile|text=documentRootTop10|year=2013|language=de}}-A3-{{Top_10_2010:ByTheNumbers|3|language=de|year=2013}}|A3-{{Top_10_2010:ByTheNumbers|3|language=de|year=2013}}]]</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|- style="background-color: #FFFFFF;"  </div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|- style="background-color: #FFFFFF;"  </div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>| [[Top_10_2010-A4 | A4-<del class="diffchange diffchange-inline">Insecure Direct Object Reference</del>]]</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>| [[Top_10_2010-A4 | A4-<ins class="diffchange diffchange-inline">{{Top_10_2010:ByTheNumbers|4|language=de|year=2010}}</ins>]]</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| [[{{Top_10:LanguageFile|text=documentRootTop10|year=2013|language=de}}-A4-{{Top_10_2010:ByTheNumbers|4|language=de|year=2013}}|A4-{{Top_10_2010:ByTheNumbers|4|language=de|year=2013}}]]</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| [[{{Top_10:LanguageFile|text=documentRootTop10|year=2013|language=de}}-A4-{{Top_10_2010:ByTheNumbers|4|language=de|year=2013}}|A4-{{Top_10_2010:ByTheNumbers|4|language=de|year=2013}}]]</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|- style="background-color: #FFFFFF;"  </div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|- style="background-color: #FFFFFF;"  </div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>| [[Top_10_2010-A6 | A6-<del class="diffchange diffchange-inline">Security Misconfiguration</del>]]</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>| [[Top_10_2010-A6 | A6-<ins class="diffchange diffchange-inline">{{Top_10_2010:ByTheNumbers|6|language=de|year=2010}}</ins>]]</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| [[{{Top_10:LanguageFile|text=documentRootTop10|year=2013|language=de}}-A5-{{Top_10_2010:ByTheNumbers|5|language=de|year=2013}}|A5-{{Top_10_2010:ByTheNumbers|5|language=de|year=2013}}]]</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| [[{{Top_10:LanguageFile|text=documentRootTop10|year=2013|language=de}}-A5-{{Top_10_2010:ByTheNumbers|5|language=de|year=2013}}|A5-{{Top_10_2010:ByTheNumbers|5|language=de|year=2013}}]]</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|- style="background-color: #D7D6C0;"  </div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|- style="background-color: #D7D6C0;"  </div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>| [[Top_10_2010-A7 | A7-<del class="diffchange diffchange-inline">Insecure Cryptographic Storage </del>- <del class="diffchange diffchange-inline">Merged with </del>A9 -->]]</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>| [[Top_10_2010-A7 | A7-<ins class="diffchange diffchange-inline">{{Top_10_2010:ByTheNumbers|7|language=de|year=2010}} </ins>- <ins class="diffchange diffchange-inline">mit </ins>A9 -->]]</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| [[{{Top_10:LanguageFile|text=documentRootTop10|year=2013|language=de}}-A6-{{Top_10_2010:ByTheNumbers|6|language=de|year=2013}}|A6-{{Top_10_2010:ByTheNumbers|6|language=de|year=2013}}]]</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| [[{{Top_10:LanguageFile|text=documentRootTop10|year=2013|language=de}}-A6-{{Top_10_2010:ByTheNumbers|6|language=de|year=2013}}|A6-{{Top_10_2010:ByTheNumbers|6|language=de|year=2013}}]]</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|- style="background-color: #D7D6C0;"  </div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|- style="background-color: #D7D6C0;"  </div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>| [[Top_10_2010-A8 | A8-<del class="diffchange diffchange-inline">Failure to Restrict URL Access </del>- <del class="diffchange diffchange-inline">Broadened into </del>-->]]</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>| [[Top_10_2010-A8 | A8-<ins class="diffchange diffchange-inline">{{Top_10_2010:ByTheNumbers|8|language=de|year=2010}} </ins>- <ins class="diffchange diffchange-inline">erweitert zu </ins>-->]]</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| [[{{Top_10:LanguageFile|text=documentRootTop10|year=2013|language=de}}-A7-{{Top_10_2010:ByTheNumbers|7|language=de|year=2013}}|A7-{{Top_10_2010:ByTheNumbers|7|language=de|year=2013}}]]</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| [[{{Top_10:LanguageFile|text=documentRootTop10|year=2013|language=de}}-A7-{{Top_10_2010:ByTheNumbers|7|language=de|year=2013}}|A7-{{Top_10_2010:ByTheNumbers|7|language=de|year=2013}}]]</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|- style="background-color: #FFFFFF;"  </div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|- style="background-color: #FFFFFF;"  </div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>| [[Top_10_2007-A5 | A5-<del class="diffchange diffchange-inline">Cross Site Request Forgery (CSRF)</del>]]</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>| [[Top_10_2007-A5 | A5-<ins class="diffchange diffchange-inline">{{Top_10_2010:ByTheNumbers|5|language=de|year=2010}}</ins>]]</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| [[{{Top_10:LanguageFile|text=documentRootTop10|year=2013|language=de}}-A8-{{Top_10_2010:ByTheNumbers|8|language=de|year=2013}}|A8-{{Top_10_2010:ByTheNumbers|8|language=de|year=2013}}]]</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| [[{{Top_10:LanguageFile|text=documentRootTop10|year=2013|language=de}}-A8-{{Top_10_2010:ByTheNumbers|8|language=de|year=2013}}|A8-{{Top_10_2010:ByTheNumbers|8|language=de|year=2013}}]]</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|- style="background-color: #D7D6C0;"  </div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|- style="background-color: #D7D6C0;"  </div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>| [[Top_10_2010-A6 | <<del class="diffchange diffchange-inline">buried in </del>A6: <del class="diffchange diffchange-inline">Security Misconfiguration</del>>]]</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>| [[Top_10_2010-A6 | <<ins class="diffchange diffchange-inline">Teil von </ins>A6: <ins class="diffchange diffchange-inline">{{Top_10_2010:ByTheNumbers|6|language=de|year=2010}}</ins>>]]</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| [[{{Top_10:LanguageFile|text=documentRootTop10|year=2013|language=de}}-A9-{{Top_10_2010:ByTheNumbers|9|language=de|year=2013}}|A9-{{Top_10_2010:ByTheNumbers|9|language=de|year=2013}}]]</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| [[{{Top_10:LanguageFile|text=documentRootTop10|year=2013|language=de}}-A9-{{Top_10_2010:ByTheNumbers|9|language=de|year=2013}}|A9-{{Top_10_2010:ByTheNumbers|9|language=de|year=2013}}]]</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|- style="background-color: #FFFFFF;"  </div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|- style="background-color: #FFFFFF;"  </div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>| [[Top_10_2010-A10 | A10-<del class="diffchange diffchange-inline">Unvalidated Redirects and Forwards</del>]]</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>| [[Top_10_2010-A10 | A10-<ins class="diffchange diffchange-inline">{{Top_10_2010:ByTheNumbers|10|language=de|year=2010}}</ins>]]</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| [[{{Top_10:LanguageFile|text=documentRootTop10|year=2013|language=de}}-A10-{{Top_10_2010:ByTheNumbers|10|language=de|year=2013}}|A10-{{Top_10_2010:ByTheNumbers|10|language=de|year=2013}}]]</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| [[{{Top_10:LanguageFile|text=documentRootTop10|year=2013|language=de}}-A10-{{Top_10_2010:ByTheNumbers|10|language=de|year=2013}}|A10-{{Top_10_2010:ByTheNumbers|10|language=de|year=2013}}]]</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|- style="background-color: #E6B9B8;"  </div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|- style="background-color: #E6B9B8;"  </div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>| [[Top_10_2010-A9 | A9-<del class="diffchange diffchange-inline">Insufficient Transport Layer Protection</del>]]</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>| [[Top_10_2010-A9 | A9-<ins class="diffchange diffchange-inline">{{Top_10_2010:ByTheNumbers|9|language=de|year=2010}}</ins>]]</div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>| <del class="diffchange diffchange-inline">Merged with </del>[[Top_10_2010-A7 | 2010-A7]] <del class="diffchange diffchange-inline">into </del>[[{{Top_10:LanguageFile|text=documentRootTop10|year=2013|language=de}}-A6-{{Top_10_2010:ByTheNumbers|6|language=de|year=2013}}|2013-A6]]</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>| <ins class="diffchange diffchange-inline">Zusammen mit </ins>[[Top_10_2010-A7 | 2010-A7]] <ins class="diffchange diffchange-inline">nun im neuen </ins>[[{{Top_10:LanguageFile|text=documentRootTop10|year=2013|language=de}}-A6-{{Top_10_2010:ByTheNumbers|6|language=de|year=2013}}|2013-A6]]</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|}</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|}</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div></center></div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div></center></div></td></tr>
</table>
T.Gigler
https://wiki.owasp.org/index.php?title=Germany/Projekte/Top_10_fuer_Entwickler-2013/Neuerungen&diff=209642&oldid=prev
T.Gigler: Undo revision 209640 by T.Gigler (talk) wg. Korrektur des Summaries
2016-02-25T16:12:54Z
<p>Undo revision 209640 by <a href="/index.php/Special:Contributions/T.Gigler" title="Special:Contributions/T.Gigler">T.Gigler</a> (<a href="/index.php/User_talk:T.Gigler" title="User talk:T.Gigler">talk</a>) wg. Korrektur des Summaries</p>
<table class="diff diff-contentalign-left" data-mw="interface">
<col class='diff-marker' />
<col class='diff-content' />
<col class='diff-marker' />
<col class='diff-content' />
<tr style='vertical-align: top;' lang='en'>
<td colspan='2' style="background-color: white; color:black; text-align: center;">← Older revision</td>
<td colspan='2' style="background-color: white; color:black; text-align: center;">Revision as of 16:12, 25 February 2016</td>
</tr><tr><td colspan="2" class="diff-lineno" id="mw-diff-left-l13" >Line 13:</td>
<td colspan="2" class="diff-lineno">Line 13:</td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>}}</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>}}</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>{{Top_10:SubsectionTableBeginTemplate|type=main}}{{Top_10_2010:SubsectionAdvancedTemplate|type={{Top_10_2010:StyleTemplate}}|subsection=freetext|position=firstWhole|title={{Top_10:LanguageFile|text=whatChangedFrom2010to2013|year=2013|language=de}}|width=100%|year=2013|language=de}}</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>{{Top_10:SubsectionTableBeginTemplate|type=main}}{{Top_10_2010:SubsectionAdvancedTemplate|type={{Top_10_2010:StyleTemplate}}|subsection=freetext|position=firstWhole|title={{Top_10:LanguageFile|text=whatChangedFrom2010to2013|year=2013|language=de}}|width=100%|year=2013|language=de}}</div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div><del class="diffchange diffchange-inline">Die Bedrohungen für die Sicherheit von Anwendungen ändern sich permanent</del>. <del class="diffchange diffchange-inline">Schlüsselfaktoren dieser Weiterentwicklung sind die Fortschritte</del>, <del class="diffchange diffchange-inline">die Angreifer machen</del>, <del class="diffchange diffchange-inline">Veröffentlichungen neuer Technologien mit neuen Schwachstellen oder integrierte Abwehrmechanismen und der Einsatz immer komplexerer Systeme</del>. <del class="diffchange diffchange-inline">Um mit dieser Entwicklung Schritt zu halten</del>, <del class="diffchange diffchange-inline">aktualisieren wir die </del>OWASP Top 10 <del class="diffchange diffchange-inline">regelmäßig</del>. In <del class="diffchange diffchange-inline">der vorliegenden Version </del>2013 <del class="diffchange diffchange-inline">gibt es die folgenden Änderungen</del>:</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins class="diffchange diffchange-inline">The threat landscape for applications security constantly changes</ins>. <ins class="diffchange diffchange-inline">Key factors in this evolution are advances made by attackers</ins>, <ins class="diffchange diffchange-inline">the release of new technologies with new weaknesses as well as more built in defenses</ins>, <ins class="diffchange diffchange-inline">and the deployment of increasingly complex systems</ins>. <ins class="diffchange diffchange-inline">To keep pace</ins>, <ins class="diffchange diffchange-inline">we periodically update the </ins>OWASP Top 10. In <ins class="diffchange diffchange-inline">this </ins>2013 <ins class="diffchange diffchange-inline">release, we made the following changes</ins>:</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div><ol></div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div><ol></div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div> </div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><li><ins class="diffchange diffchange-inline">Broken Authentication and </ins>Session Management <ins class="diffchange diffchange-inline">moved up in prevalence based on our data set,</ins>. <ins class="diffchange diffchange-inline">Probably because this area is being looked at harder</ins>, <ins class="diffchange diffchange-inline">not because issues are actually more prevalent</ins>. <ins class="diffchange diffchange-inline">This caused Risks </ins>A2 <ins class="diffchange diffchange-inline">and </ins>A3 <ins class="diffchange diffchange-inline">to switch places.</ins></li></div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div><li><del class="diffchange diffchange-inline">Die Häufigkeit der Kategorie „''Fehler in Authentifizierung und </del>Session Management<del class="diffchange diffchange-inline">''“ ist den Daten nach gestiegen</del>. <del class="diffchange diffchange-inline">Wir glauben</del>, <del class="diffchange diffchange-inline">dass dies nicht an einer tatsächlichen Steigerung der Häufigkeit liegt, sondern daran, dass dieser Bereich stärker in den Fokus geraten ist</del>. <del class="diffchange diffchange-inline">Daher sind die Risiken </del>A2 <del class="diffchange diffchange-inline">und </del>A3 <del class="diffchange diffchange-inline">in ihrer Reihenfolge getauscht worden</del></li></div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><li>Cross-Site Request Forgery (CSRF) <ins class="diffchange diffchange-inline">moved down </ins>in <ins class="diffchange diffchange-inline">prevalence based on our data set from </ins>2010-A5 <ins class="diffchange diffchange-inline">to </ins>2013-A8. <ins class="diffchange diffchange-inline">We believe this is because </ins>CSRF <ins class="diffchange diffchange-inline">has been </ins>in <ins class="diffchange diffchange-inline">the </ins>OWASP Top 10 <ins class="diffchange diffchange-inline">for 6 years</ins>, <ins class="diffchange diffchange-inline">and organizations and framework developers have focused on it enough to significantly reduce the number of </ins>CSRF <ins class="diffchange diffchange-inline">vulnerabilities </ins>in <ins class="diffchange diffchange-inline">real world applications</ins>.</li></div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div> </div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><li><ins class="diffchange diffchange-inline">We broadened Failure to Restrict </ins>URL <ins class="diffchange diffchange-inline">Access from the 2010 </ins>OWASP Top 10 <ins class="diffchange diffchange-inline">to be more inclusive</ins>:</div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div><li><del class="diffchange diffchange-inline">„''</del>Cross-Site Request Forgery (CSRF)<del class="diffchange diffchange-inline">''” rutschte aufgrund unserer Datenbasis </del>in <del class="diffchange diffchange-inline">der Häufigkeit von </del>2010-A5 <del class="diffchange diffchange-inline">auf </del>2013-A8. CSRF <del class="diffchange diffchange-inline">ist seit 6 Jahren </del>in <del class="diffchange diffchange-inline">den </del>OWASP Top 10 <del class="diffchange diffchange-inline">zu finden. Wir glauben, dass sich daher in dieser Zeit Organisationen, Firmen und Entwickler von Frameworks genug mit diesem Thema beschäftigt haben</del>, <del class="diffchange diffchange-inline">um die Zahl von </del>CSRF<del class="diffchange diffchange-inline">-Schwachstellen </del>in <del class="diffchange diffchange-inline">produktiven Anwendungen signifikant zu senken</del>.</li></div></td><td colspan="2"> </td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div> </div></td><td colspan="2"> </td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div><li><del class="diffchange diffchange-inline">Wir haben die Kategorie „''Mangelhafter </del>URL<del class="diffchange diffchange-inline">-Zugriffschutz''” aus den </del>OWASP Top 10 <del class="diffchange diffchange-inline">2010 erweitert und verallgemeinert</del>:</div></td><td colspan="2"> </td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div><p style="padding-left: 2em; text-indent: -2em;"></div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div><p style="padding-left: 2em; text-indent: -2em;"></div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>+&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;2010-A8:<del class="diffchange diffchange-inline">„''Mangelhafter </del>URL<del class="diffchange diffchange-inline">-Zugriffschutz''” ist nun zu </del>2013-A7: <del class="diffchange diffchange-inline">„''Fehlerhafte Autorisierung auf Anwendungsebene''” geworden</del>. <del class="diffchange diffchange-inline">Um den Zugriffsschutz und die Autorisierung auf Anwendungsebene sicherzustellen gibt es viele Möglichkeiten</del>, <del class="diffchange diffchange-inline">eben nicht nur die </del>URL.</p></li></div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>+&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;2010-A8: <ins class="diffchange diffchange-inline">Failure to Restrict </ins>URL <ins class="diffchange diffchange-inline">Access is now <u></ins>2013-A7: <ins class="diffchange diffchange-inline">Missing Function Level Access Control</u> – to cover all of function level access control</ins>. <ins class="diffchange diffchange-inline">There are many ways to specify which function is being accessed</ins>, <ins class="diffchange diffchange-inline">not just the </ins>URL.</p></li></div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div> </div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><li><ins class="diffchange diffchange-inline">We merged and broadened </ins>2010-A7 <ins class="diffchange diffchange-inline">& 2010-</ins>A9 <ins class="diffchange diffchange-inline">to CREATE: <u></ins>2013-A6: <ins class="diffchange diffchange-inline">Sensitive Data Exposure</u></ins>:</div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div><li>2010-A7 <del class="diffchange diffchange-inline">und </del>A9 <del class="diffchange diffchange-inline">wurden zusammengefasst, um daraus </del>2013-A6: <del class="diffchange diffchange-inline">„''Verlust der Vertraulichkeit sensibler Daten''“ zu machen</del>:</div></td><td colspan="2"> </td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div><p style="padding-left: 2em; text-indent: -2em;"></div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div><p style="padding-left: 2em; text-indent: -2em;"></div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>-&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<del class="diffchange diffchange-inline">Diese neue Kategorie wurde durch das Zusammenlegen von </del>2010-A7 – <del class="diffchange diffchange-inline">„''Kryptografisch unsichere Speicherung''“ und </del>2010-A9 <del class="diffchange diffchange-inline">– „''Unzureichende Absicherung der Transportschicht''“ zusätzlich mit den Risiken sensibler Daten im Browser geschaffen</del>. <del class="diffchange diffchange-inline">Sie beinhaltet den Schutz der Vertraulichkeit sensibler Daten </del>(<del class="diffchange diffchange-inline">anders als die Zugriffskontrollen aus </del>2013-A4 <del class="diffchange diffchange-inline">und </del>2013-A7) <del class="diffchange diffchange-inline">vom Moment der Eingabe über den Transport zum Server</del>, <del class="diffchange diffchange-inline">die Verarbeitung und die Speicherung im Server bis hin zur erneuten Auslieferung an den Benutzer</del>.</p></li></div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>-&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<ins class="diffchange diffchange-inline">This new category was created by merging </ins>2010-A7 – <ins class="diffchange diffchange-inline">Insecure Cryptographic Storage  & </ins>2010-A9 <ins class="diffchange diffchange-inline">- Insufficient Transport Layer Protection, plus adding browser side sensitive data risks as well</ins>. <ins class="diffchange diffchange-inline">This new category covers sensitive data protection </ins>(<ins class="diffchange diffchange-inline">other than access control which is covered by </ins>2013-A4 <ins class="diffchange diffchange-inline">and </ins>2013-A7) <ins class="diffchange diffchange-inline">from the moment sensitive data is provided by the user, sent to and stored within the application</ins>, <ins class="diffchange diffchange-inline">and then sent back to the browser again</ins>.</p></li></div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div> </div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><li><ins class="diffchange diffchange-inline">We added: <u></ins>2013-A9: <ins class="diffchange diffchange-inline">Using Components with Known Vulnerabilities</u></ins>:</div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div><li><del class="diffchange diffchange-inline">Wir haben </del>2013-A9: <del class="diffchange diffchange-inline">„''Verwendung von Komponenten mit bekannten Schwachstellen''” hinzugefügt:</del>:</div></td><td colspan="2"> </td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div><p style="padding-left: 2em; text-indent: -2em;"></div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div><p style="padding-left: 2em; text-indent: -2em;"></div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>+&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<del class="diffchange diffchange-inline">Dieser Punkt wurde als Teil von </del>2010-A6 – <del class="diffchange diffchange-inline">„''Sicherheitsrelevante Fehlkonfiguration''” erwähnt</del>, <del class="diffchange diffchange-inline">nun aber zur eigenen Kategorie gemacht: Die generelle Zunahme und die steigende Komplexität von komponentenbasierten Entwicklungen hat das Risiko, Komponenten mit bekannten Schwachstellen einzusetzen, signifikant erhöht</del>.</p></li></div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>+&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<ins class="diffchange diffchange-inline">This issue was mentioned as part of </ins>2010-A6 – <ins class="diffchange diffchange-inline">Security Misconfiguration</ins>, <ins class="diffchange diffchange-inline">but now has a category of its own as the growth and depth of component based development has significantly increased the risk of using components with known vulnerabilities</ins>.</p></li></div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div></ol></div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div></ol></div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>{{Top_10:SubsectionTableEndTemplate}}</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>{{Top_10:SubsectionTableEndTemplate}}</div></td></tr>
<tr><td colspan="2" class="diff-lineno" id="mw-diff-left-l37" >Line 37:</td>
<td colspan="2" class="diff-lineno">Line 32:</td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>{| style="width: 99%; align:center; text-align:center; border: 2px solid #4d953d; background-color:#F2F2F2; padding=2;"  </div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>{| style="width: 99%; align:center; text-align:center; border: 2px solid #4d953d; background-color:#F2F2F2; padding=2;"  </div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|- style="background-color: #4d953d; color: #FFFFFF;"</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|- style="background-color: #4d953d; color: #FFFFFF;"</div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>! OWASP Top 10 - 2010 (<del class="diffchange diffchange-inline">alt</del>) !! OWASP Top 10 - 2013 (<del class="diffchange diffchange-inline">neu</del>)</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>! OWASP Top 10 - 2010 (<ins class="diffchange diffchange-inline">Previous Version</ins>) !! OWASP Top 10 - 2013 (<ins class="diffchange diffchange-inline">Current Version</ins>)</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|- style="background-color: #FFFFFF;"  </div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|- style="background-color: #FFFFFF;"  </div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>| [[Top_10_2010-A1 | A1-<del class="diffchange diffchange-inline">{{Top_10_2010:ByTheNumbers|1|language=de|year=2010}}</del>]]</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>| [[Top_10_2010-A1 | A1-<ins class="diffchange diffchange-inline">Injection</ins>]]</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| [[{{Top_10:LanguageFile|text=documentRootTop10|year=2013|language=de}}-A1-{{Top_10_2010:ByTheNumbers|1|language=de|year=2013}}|A1-{{Top_10_2010:ByTheNumbers|1|language=de|year=2013}}]]</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| [[{{Top_10:LanguageFile|text=documentRootTop10|year=2013|language=de}}-A1-{{Top_10_2010:ByTheNumbers|1|language=de|year=2013}}|A1-{{Top_10_2010:ByTheNumbers|1|language=de|year=2013}}]]</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|- style="background-color: #FFFFFF;"  </div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|- style="background-color: #FFFFFF;"  </div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>| [[Top_10_2010-A3 | A3-<del class="diffchange diffchange-inline">{{Top_10_2010:ByTheNumbers|3|language=de|year=2010}}</del>]]</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>| [[Top_10_2010-A3 | A3-<ins class="diffchange diffchange-inline">Broken Authentication and Session Management</ins>]]</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| [[{{Top_10:LanguageFile|text=documentRootTop10|year=2013|language=de}}-A2-{{Top_10_2010:ByTheNumbers|2|language=de|year=2013}}|A2-{{Top_10_2010:ByTheNumbers|2|language=de|year=2013}}]]</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| [[{{Top_10:LanguageFile|text=documentRootTop10|year=2013|language=de}}-A2-{{Top_10_2010:ByTheNumbers|2|language=de|year=2013}}|A2-{{Top_10_2010:ByTheNumbers|2|language=de|year=2013}}]]</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|- style="background-color: #FFFFFF;"  </div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|- style="background-color: #FFFFFF;"  </div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>| [[Top_10_2010-A2 | A2-<del class="diffchange diffchange-inline">{{Top_10_2010:ByTheNumbers|2|language=de|year=2010}}</del>]]</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>| [[Top_10_2010-A2 | A2-<ins class="diffchange diffchange-inline">Cross Site Scripting (XSS)</ins>]]</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| [[{{Top_10:LanguageFile|text=documentRootTop10|year=2013|language=de}}-A3-{{Top_10_2010:ByTheNumbers|3|language=de|year=2013}}|A3-{{Top_10_2010:ByTheNumbers|3|language=de|year=2013}}]]</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| [[{{Top_10:LanguageFile|text=documentRootTop10|year=2013|language=de}}-A3-{{Top_10_2010:ByTheNumbers|3|language=de|year=2013}}|A3-{{Top_10_2010:ByTheNumbers|3|language=de|year=2013}}]]</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|- style="background-color: #FFFFFF;"  </div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|- style="background-color: #FFFFFF;"  </div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>| [[Top_10_2010-A4 | A4-<del class="diffchange diffchange-inline">{{Top_10_2010:ByTheNumbers|4|language=de|year=2010}}</del>]]</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>| [[Top_10_2010-A4 | A4-<ins class="diffchange diffchange-inline">Insecure Direct Object Reference</ins>]]</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| [[{{Top_10:LanguageFile|text=documentRootTop10|year=2013|language=de}}-A4-{{Top_10_2010:ByTheNumbers|4|language=de|year=2013}}|A4-{{Top_10_2010:ByTheNumbers|4|language=de|year=2013}}]]</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| [[{{Top_10:LanguageFile|text=documentRootTop10|year=2013|language=de}}-A4-{{Top_10_2010:ByTheNumbers|4|language=de|year=2013}}|A4-{{Top_10_2010:ByTheNumbers|4|language=de|year=2013}}]]</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|- style="background-color: #FFFFFF;"  </div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|- style="background-color: #FFFFFF;"  </div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>| [[Top_10_2010-A6 | A6-<del class="diffchange diffchange-inline">{{Top_10_2010:ByTheNumbers|6|language=de|year=2010}}</del>]]</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>| [[Top_10_2010-A6 | A6-<ins class="diffchange diffchange-inline">Security Misconfiguration</ins>]]</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| [[{{Top_10:LanguageFile|text=documentRootTop10|year=2013|language=de}}-A5-{{Top_10_2010:ByTheNumbers|5|language=de|year=2013}}|A5-{{Top_10_2010:ByTheNumbers|5|language=de|year=2013}}]]</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| [[{{Top_10:LanguageFile|text=documentRootTop10|year=2013|language=de}}-A5-{{Top_10_2010:ByTheNumbers|5|language=de|year=2013}}|A5-{{Top_10_2010:ByTheNumbers|5|language=de|year=2013}}]]</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|- style="background-color: #D7D6C0;"  </div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|- style="background-color: #D7D6C0;"  </div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>| [[Top_10_2010-A7 | A7-<del class="diffchange diffchange-inline">{{Top_10_2010:ByTheNumbers|7|language=de|year=2010}} </del>- <del class="diffchange diffchange-inline">mit </del>A9 -->]]</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>| [[Top_10_2010-A7 | A7-<ins class="diffchange diffchange-inline">Insecure Cryptographic Storage </ins>- <ins class="diffchange diffchange-inline">Merged with </ins>A9 -->]]</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| [[{{Top_10:LanguageFile|text=documentRootTop10|year=2013|language=de}}-A6-{{Top_10_2010:ByTheNumbers|6|language=de|year=2013}}|A6-{{Top_10_2010:ByTheNumbers|6|language=de|year=2013}}]]</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| [[{{Top_10:LanguageFile|text=documentRootTop10|year=2013|language=de}}-A6-{{Top_10_2010:ByTheNumbers|6|language=de|year=2013}}|A6-{{Top_10_2010:ByTheNumbers|6|language=de|year=2013}}]]</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|- style="background-color: #D7D6C0;"  </div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|- style="background-color: #D7D6C0;"  </div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>| [[Top_10_2010-A8 | A8-<del class="diffchange diffchange-inline">{{Top_10_2010:ByTheNumbers|8|language=de|year=2010}} </del>- <del class="diffchange diffchange-inline">erweitert zu </del>-->]]</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>| [[Top_10_2010-A8 | A8-<ins class="diffchange diffchange-inline">Failure to Restrict URL Access </ins>- <ins class="diffchange diffchange-inline">Broadened into </ins>-->]]</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| [[{{Top_10:LanguageFile|text=documentRootTop10|year=2013|language=de}}-A7-{{Top_10_2010:ByTheNumbers|7|language=de|year=2013}}|A7-{{Top_10_2010:ByTheNumbers|7|language=de|year=2013}}]]</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| [[{{Top_10:LanguageFile|text=documentRootTop10|year=2013|language=de}}-A7-{{Top_10_2010:ByTheNumbers|7|language=de|year=2013}}|A7-{{Top_10_2010:ByTheNumbers|7|language=de|year=2013}}]]</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|- style="background-color: #FFFFFF;"  </div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|- style="background-color: #FFFFFF;"  </div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>| [[Top_10_2007-A5 | A5-<del class="diffchange diffchange-inline">{{Top_10_2010:ByTheNumbers|5|language=de|year=2010}}</del>]]</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>| [[Top_10_2007-A5 | A5-<ins class="diffchange diffchange-inline">Cross Site Request Forgery (CSRF)</ins>]]</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| [[{{Top_10:LanguageFile|text=documentRootTop10|year=2013|language=de}}-A8-{{Top_10_2010:ByTheNumbers|8|language=de|year=2013}}|A8-{{Top_10_2010:ByTheNumbers|8|language=de|year=2013}}]]</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| [[{{Top_10:LanguageFile|text=documentRootTop10|year=2013|language=de}}-A8-{{Top_10_2010:ByTheNumbers|8|language=de|year=2013}}|A8-{{Top_10_2010:ByTheNumbers|8|language=de|year=2013}}]]</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|- style="background-color: #D7D6C0;"  </div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|- style="background-color: #D7D6C0;"  </div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>| [[Top_10_2010-A6 | <<del class="diffchange diffchange-inline">Teil von </del>A6: <del class="diffchange diffchange-inline">{{Top_10_2010:ByTheNumbers|6|language=de|year=2010}}</del>>]]</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>| [[Top_10_2010-A6 | <<ins class="diffchange diffchange-inline">buried in </ins>A6: <ins class="diffchange diffchange-inline">Security Misconfiguration</ins>>]]</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| [[{{Top_10:LanguageFile|text=documentRootTop10|year=2013|language=de}}-A9-{{Top_10_2010:ByTheNumbers|9|language=de|year=2013}}|A9-{{Top_10_2010:ByTheNumbers|9|language=de|year=2013}}]]</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| [[{{Top_10:LanguageFile|text=documentRootTop10|year=2013|language=de}}-A9-{{Top_10_2010:ByTheNumbers|9|language=de|year=2013}}|A9-{{Top_10_2010:ByTheNumbers|9|language=de|year=2013}}]]</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|- style="background-color: #FFFFFF;"  </div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|- style="background-color: #FFFFFF;"  </div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>| [[Top_10_2010-A10 | A10-<del class="diffchange diffchange-inline">{{Top_10_2010:ByTheNumbers|10|language=de|year=2010}}</del>]]</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>| [[Top_10_2010-A10 | A10-<ins class="diffchange diffchange-inline">Unvalidated Redirects and Forwards</ins>]]</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| [[{{Top_10:LanguageFile|text=documentRootTop10|year=2013|language=de}}-A10-{{Top_10_2010:ByTheNumbers|10|language=de|year=2013}}|A10-{{Top_10_2010:ByTheNumbers|10|language=de|year=2013}}]]</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| [[{{Top_10:LanguageFile|text=documentRootTop10|year=2013|language=de}}-A10-{{Top_10_2010:ByTheNumbers|10|language=de|year=2013}}|A10-{{Top_10_2010:ByTheNumbers|10|language=de|year=2013}}]]</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|- style="background-color: #E6B9B8;"  </div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|- style="background-color: #E6B9B8;"  </div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>| [[Top_10_2010-A9 | A9-<del class="diffchange diffchange-inline">{{Top_10_2010:ByTheNumbers|9|language=de|year=2010}}</del>]]</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>| [[Top_10_2010-A9 | A9-<ins class="diffchange diffchange-inline">Insufficient Transport Layer Protection</ins>]]</div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>| <del class="diffchange diffchange-inline">Zusammen mit </del>[[Top_10_2010-A7 | 2010-A7]] <del class="diffchange diffchange-inline">nun im neuen </del>[[{{Top_10:LanguageFile|text=documentRootTop10|year=2013|language=de}}-A6-{{Top_10_2010:ByTheNumbers|6|language=de|year=2013}}|2013-A6]]</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>| <ins class="diffchange diffchange-inline">Merged with </ins>[[Top_10_2010-A7 | 2010-A7]] <ins class="diffchange diffchange-inline">into </ins>[[{{Top_10:LanguageFile|text=documentRootTop10|year=2013|language=de}}-A6-{{Top_10_2010:ByTheNumbers|6|language=de|year=2013}}|2013-A6]]</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|}</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|}</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div></center></div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div></center></div></td></tr>
</table>
T.Gigler
https://wiki.owasp.org/index.php?title=Germany/Projekte/Top_10_fuer_Entwickler-2013/Neuerungen&diff=209640&oldid=prev
T.Gigler: Note that the Major Relaese Cycle depends on the Top 10 Project and its German translati
2016-02-25T16:09:36Z
<p>Note that the Major Relaese Cycle depends on the Top 10 Project and its German translati</p>
<table class="diff diff-contentalign-left" data-mw="interface">
<col class='diff-marker' />
<col class='diff-content' />
<col class='diff-marker' />
<col class='diff-content' />
<tr style='vertical-align: top;' lang='en'>
<td colspan='2' style="background-color: white; color:black; text-align: center;">← Older revision</td>
<td colspan='2' style="background-color: white; color:black; text-align: center;">Revision as of 16:09, 25 February 2016</td>
</tr><tr><td colspan="2" class="diff-lineno" id="mw-diff-left-l13" >Line 13:</td>
<td colspan="2" class="diff-lineno">Line 13:</td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>}}</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>}}</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>{{Top_10:SubsectionTableBeginTemplate|type=main}}{{Top_10_2010:SubsectionAdvancedTemplate|type={{Top_10_2010:StyleTemplate}}|subsection=freetext|position=firstWhole|title={{Top_10:LanguageFile|text=whatChangedFrom2010to2013|year=2013|language=de}}|width=100%|year=2013|language=de}}</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>{{Top_10:SubsectionTableBeginTemplate|type=main}}{{Top_10_2010:SubsectionAdvancedTemplate|type={{Top_10_2010:StyleTemplate}}|subsection=freetext|position=firstWhole|title={{Top_10:LanguageFile|text=whatChangedFrom2010to2013|year=2013|language=de}}|width=100%|year=2013|language=de}}</div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div><del class="diffchange diffchange-inline">The threat landscape for applications security constantly changes</del>. <del class="diffchange diffchange-inline">Key factors in this evolution are advances made by attackers</del>, <del class="diffchange diffchange-inline">the release of new technologies with new weaknesses as well as more built in defenses</del>, <del class="diffchange diffchange-inline">and the deployment of increasingly complex systems</del>. <del class="diffchange diffchange-inline">To keep pace</del>, <del class="diffchange diffchange-inline">we periodically update the </del>OWASP Top 10. In <del class="diffchange diffchange-inline">this </del>2013 <del class="diffchange diffchange-inline">release, we made the following changes</del>:</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins class="diffchange diffchange-inline">Die Bedrohungen für die Sicherheit von Anwendungen ändern sich permanent</ins>. <ins class="diffchange diffchange-inline">Schlüsselfaktoren dieser Weiterentwicklung sind die Fortschritte</ins>, <ins class="diffchange diffchange-inline">die Angreifer machen</ins>, <ins class="diffchange diffchange-inline">Veröffentlichungen neuer Technologien mit neuen Schwachstellen oder integrierte Abwehrmechanismen und der Einsatz immer komplexerer Systeme</ins>. <ins class="diffchange diffchange-inline">Um mit dieser Entwicklung Schritt zu halten</ins>, <ins class="diffchange diffchange-inline">aktualisieren wir die </ins>OWASP Top 10 <ins class="diffchange diffchange-inline">regelmäßig</ins>. In <ins class="diffchange diffchange-inline">der vorliegenden Version </ins>2013 <ins class="diffchange diffchange-inline">gibt es die folgenden Änderungen</ins>:</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div><ol></div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div><ol></div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div><li><del class="diffchange diffchange-inline">Broken Authentication and </del>Session Management <del class="diffchange diffchange-inline">moved up in prevalence based on our data set</del>,<del class="diffchange diffchange-inline">. Probably because this area is being looked at harder</del>, <del class="diffchange diffchange-inline">not because issues are actually more prevalent</del>. <del class="diffchange diffchange-inline">This caused Risks </del>A2 <del class="diffchange diffchange-inline">and </del>A3 <del class="diffchange diffchange-inline">to switch places.</del></li></div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div> </div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div><li>Cross-Site Request Forgery (CSRF) <del class="diffchange diffchange-inline">moved down </del>in <del class="diffchange diffchange-inline">prevalence based on our data set from </del>2010-A5 <del class="diffchange diffchange-inline">to </del>2013-A8. <del class="diffchange diffchange-inline">We believe this is because </del>CSRF <del class="diffchange diffchange-inline">has been </del>in <del class="diffchange diffchange-inline">the </del>OWASP Top 10 <del class="diffchange diffchange-inline">for 6 years</del>, <del class="diffchange diffchange-inline">and organizations and framework developers have focused on it enough to significantly reduce the number of </del>CSRF <del class="diffchange diffchange-inline">vulnerabilities </del>in <del class="diffchange diffchange-inline">real world applications</del>.</li></div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><li><ins class="diffchange diffchange-inline">Die Häufigkeit der Kategorie „''Fehler in Authentifizierung und </ins>Session Management<ins class="diffchange diffchange-inline">''“ ist den Daten nach gestiegen. Wir glauben, dass dies nicht an einer tatsächlichen Steigerung der Häufigkeit liegt</ins>, <ins class="diffchange diffchange-inline">sondern daran</ins>, <ins class="diffchange diffchange-inline">dass dieser Bereich stärker in den Fokus geraten ist</ins>. <ins class="diffchange diffchange-inline">Daher sind die Risiken </ins>A2 <ins class="diffchange diffchange-inline">und </ins>A3 <ins class="diffchange diffchange-inline">in ihrer Reihenfolge getauscht worden</ins></li></div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div><li><del class="diffchange diffchange-inline">We broadened Failure to Restrict </del>URL <del class="diffchange diffchange-inline">Access from the 2010 </del>OWASP Top 10 <del class="diffchange diffchange-inline">to be more inclusive</del>:</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div> </div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><li><ins class="diffchange diffchange-inline">„''</ins>Cross-Site Request Forgery (CSRF)<ins class="diffchange diffchange-inline">''” rutschte aufgrund unserer Datenbasis </ins>in <ins class="diffchange diffchange-inline">der Häufigkeit von </ins>2010-A5 <ins class="diffchange diffchange-inline">auf </ins>2013-A8. CSRF <ins class="diffchange diffchange-inline">ist seit 6 Jahren </ins>in <ins class="diffchange diffchange-inline">den </ins>OWASP Top 10 <ins class="diffchange diffchange-inline">zu finden. Wir glauben, dass sich daher in dieser Zeit Organisationen, Firmen und Entwickler von Frameworks genug mit diesem Thema beschäftigt haben</ins>, <ins class="diffchange diffchange-inline">um die Zahl von </ins>CSRF<ins class="diffchange diffchange-inline">-Schwachstellen </ins>in <ins class="diffchange diffchange-inline">produktiven Anwendungen signifikant zu senken</ins>.</li></div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div> </div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><li><ins class="diffchange diffchange-inline">Wir haben die Kategorie „''Mangelhafter </ins>URL<ins class="diffchange diffchange-inline">-Zugriffschutz''” aus den </ins>OWASP Top 10 <ins class="diffchange diffchange-inline">2010 erweitert und verallgemeinert</ins>:</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div><p style="padding-left: 2em; text-indent: -2em;"></div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div><p style="padding-left: 2em; text-indent: -2em;"></div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>+&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;2010-A8: <del class="diffchange diffchange-inline">Failure to Restrict </del>URL <del class="diffchange diffchange-inline">Access is now <u></del>2013-A7: <del class="diffchange diffchange-inline">Missing Function Level Access Control</u> – to cover all of function level access control</del>. <del class="diffchange diffchange-inline">There are many ways to specify which function is being accessed</del>, <del class="diffchange diffchange-inline">not just the </del>URL.</p></li></div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>+&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;2010-A8:<ins class="diffchange diffchange-inline">„''Mangelhafter </ins>URL<ins class="diffchange diffchange-inline">-Zugriffschutz''” ist nun zu </ins>2013-A7: <ins class="diffchange diffchange-inline">„''Fehlerhafte Autorisierung auf Anwendungsebene''” geworden</ins>. <ins class="diffchange diffchange-inline">Um den Zugriffsschutz und die Autorisierung auf Anwendungsebene sicherzustellen gibt es viele Möglichkeiten</ins>, <ins class="diffchange diffchange-inline">eben nicht nur die </ins>URL.</p></li></div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div><li><del class="diffchange diffchange-inline">We merged and broadened </del>2010-A7 <del class="diffchange diffchange-inline">& 2010-</del>A9 <del class="diffchange diffchange-inline">to CREATE: <u></del>2013-A6: <del class="diffchange diffchange-inline">Sensitive Data Exposure</u></del>:</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div> </div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><li>2010-A7 <ins class="diffchange diffchange-inline">und </ins>A9 <ins class="diffchange diffchange-inline">wurden zusammengefasst, um daraus </ins>2013-A6: <ins class="diffchange diffchange-inline">„''Verlust der Vertraulichkeit sensibler Daten''“ zu machen</ins>:</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div><p style="padding-left: 2em; text-indent: -2em;"></div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div><p style="padding-left: 2em; text-indent: -2em;"></div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>-&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<del class="diffchange diffchange-inline">This new category was created by merging </del>2010-A7 – <del class="diffchange diffchange-inline">Insecure Cryptographic Storage  & </del>2010-A9 <del class="diffchange diffchange-inline">- Insufficient Transport Layer Protection, plus adding browser side sensitive data risks as well</del>. <del class="diffchange diffchange-inline">This new category covers sensitive data protection </del>(<del class="diffchange diffchange-inline">other than access control which is covered by </del>2013-A4 <del class="diffchange diffchange-inline">and </del>2013-A7) <del class="diffchange diffchange-inline">from the moment sensitive data is provided by the user</del>, <del class="diffchange diffchange-inline">sent to and stored within the application, and then sent back to the browser again</del>.</p></li></div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>-&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<ins class="diffchange diffchange-inline">Diese neue Kategorie wurde durch das Zusammenlegen von </ins>2010-A7 – <ins class="diffchange diffchange-inline">„''Kryptografisch unsichere Speicherung''“ und </ins>2010-A9 <ins class="diffchange diffchange-inline">– „''Unzureichende Absicherung der Transportschicht''“ zusätzlich mit den Risiken sensibler Daten im Browser geschaffen</ins>. <ins class="diffchange diffchange-inline">Sie beinhaltet den Schutz der Vertraulichkeit sensibler Daten </ins>(<ins class="diffchange diffchange-inline">anders als die Zugriffskontrollen aus </ins>2013-A4 <ins class="diffchange diffchange-inline">und </ins>2013-A7) <ins class="diffchange diffchange-inline">vom Moment der Eingabe über den Transport zum Server</ins>, <ins class="diffchange diffchange-inline">die Verarbeitung und die Speicherung im Server bis hin zur erneuten Auslieferung an den Benutzer</ins>.</p></li></div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div><li><del class="diffchange diffchange-inline">We added: <u></del>2013-A9: <del class="diffchange diffchange-inline">Using Components with Known Vulnerabilities</u></del>:</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div> </div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><li><ins class="diffchange diffchange-inline">Wir haben </ins>2013-A9: <ins class="diffchange diffchange-inline">„''Verwendung von Komponenten mit bekannten Schwachstellen''” hinzugefügt:</ins>:</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div><p style="padding-left: 2em; text-indent: -2em;"></div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div><p style="padding-left: 2em; text-indent: -2em;"></div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>+&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<del class="diffchange diffchange-inline">This issue was mentioned as part of </del>2010-A6 – <del class="diffchange diffchange-inline">Security Misconfiguration</del>, <del class="diffchange diffchange-inline">but now has a category of its own as the growth and depth of component based development has significantly increased the risk of using components with known vulnerabilities</del>.</p></li></div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>+&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<ins class="diffchange diffchange-inline">Dieser Punkt wurde als Teil von </ins>2010-A6 – <ins class="diffchange diffchange-inline">„''Sicherheitsrelevante Fehlkonfiguration''” erwähnt</ins>, <ins class="diffchange diffchange-inline">nun aber zur eigenen Kategorie gemacht: Die generelle Zunahme und die steigende Komplexität von komponentenbasierten Entwicklungen hat das Risiko, Komponenten mit bekannten Schwachstellen einzusetzen, signifikant erhöht</ins>.</p></li></div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div></ol></div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div></ol></div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>{{Top_10:SubsectionTableEndTemplate}}</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>{{Top_10:SubsectionTableEndTemplate}}</div></td></tr>
<tr><td colspan="2" class="diff-lineno" id="mw-diff-left-l32" >Line 32:</td>
<td colspan="2" class="diff-lineno">Line 37:</td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>{| style="width: 99%; align:center; text-align:center; border: 2px solid #4d953d; background-color:#F2F2F2; padding=2;"  </div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>{| style="width: 99%; align:center; text-align:center; border: 2px solid #4d953d; background-color:#F2F2F2; padding=2;"  </div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|- style="background-color: #4d953d; color: #FFFFFF;"</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|- style="background-color: #4d953d; color: #FFFFFF;"</div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>! OWASP Top 10 - 2010 (<del class="diffchange diffchange-inline">Previous Version</del>) !! OWASP Top 10 - 2013 (<del class="diffchange diffchange-inline">Current Version</del>)</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>! OWASP Top 10 - 2010 (<ins class="diffchange diffchange-inline">alt</ins>) !! OWASP Top 10 - 2013 (<ins class="diffchange diffchange-inline">neu</ins>)</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|- style="background-color: #FFFFFF;"  </div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|- style="background-color: #FFFFFF;"  </div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>| [[Top_10_2010-A1 | A1-<del class="diffchange diffchange-inline">Injection</del>]]</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>| [[Top_10_2010-A1 | A1-<ins class="diffchange diffchange-inline">{{Top_10_2010:ByTheNumbers|1|language=de|year=2010}}</ins>]]</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| [[{{Top_10:LanguageFile|text=documentRootTop10|year=2013|language=de}}-A1-{{Top_10_2010:ByTheNumbers|1|language=de|year=2013}}|A1-{{Top_10_2010:ByTheNumbers|1|language=de|year=2013}}]]</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| [[{{Top_10:LanguageFile|text=documentRootTop10|year=2013|language=de}}-A1-{{Top_10_2010:ByTheNumbers|1|language=de|year=2013}}|A1-{{Top_10_2010:ByTheNumbers|1|language=de|year=2013}}]]</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|- style="background-color: #FFFFFF;"  </div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|- style="background-color: #FFFFFF;"  </div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>| [[Top_10_2010-A3 | A3-<del class="diffchange diffchange-inline">Broken Authentication and Session Management</del>]]</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>| [[Top_10_2010-A3 | A3-<ins class="diffchange diffchange-inline">{{Top_10_2010:ByTheNumbers|3|language=de|year=2010}}</ins>]]</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| [[{{Top_10:LanguageFile|text=documentRootTop10|year=2013|language=de}}-A2-{{Top_10_2010:ByTheNumbers|2|language=de|year=2013}}|A2-{{Top_10_2010:ByTheNumbers|2|language=de|year=2013}}]]</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| [[{{Top_10:LanguageFile|text=documentRootTop10|year=2013|language=de}}-A2-{{Top_10_2010:ByTheNumbers|2|language=de|year=2013}}|A2-{{Top_10_2010:ByTheNumbers|2|language=de|year=2013}}]]</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|- style="background-color: #FFFFFF;"  </div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|- style="background-color: #FFFFFF;"  </div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>| [[Top_10_2010-A2 | A2-<del class="diffchange diffchange-inline">Cross Site Scripting (XSS)</del>]]</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>| [[Top_10_2010-A2 | A2-<ins class="diffchange diffchange-inline">{{Top_10_2010:ByTheNumbers|2|language=de|year=2010}}</ins>]]</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| [[{{Top_10:LanguageFile|text=documentRootTop10|year=2013|language=de}}-A3-{{Top_10_2010:ByTheNumbers|3|language=de|year=2013}}|A3-{{Top_10_2010:ByTheNumbers|3|language=de|year=2013}}]]</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| [[{{Top_10:LanguageFile|text=documentRootTop10|year=2013|language=de}}-A3-{{Top_10_2010:ByTheNumbers|3|language=de|year=2013}}|A3-{{Top_10_2010:ByTheNumbers|3|language=de|year=2013}}]]</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|- style="background-color: #FFFFFF;"  </div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|- style="background-color: #FFFFFF;"  </div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>| [[Top_10_2010-A4 | A4-<del class="diffchange diffchange-inline">Insecure Direct Object Reference</del>]]</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>| [[Top_10_2010-A4 | A4-<ins class="diffchange diffchange-inline">{{Top_10_2010:ByTheNumbers|4|language=de|year=2010}}</ins>]]</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| [[{{Top_10:LanguageFile|text=documentRootTop10|year=2013|language=de}}-A4-{{Top_10_2010:ByTheNumbers|4|language=de|year=2013}}|A4-{{Top_10_2010:ByTheNumbers|4|language=de|year=2013}}]]</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| [[{{Top_10:LanguageFile|text=documentRootTop10|year=2013|language=de}}-A4-{{Top_10_2010:ByTheNumbers|4|language=de|year=2013}}|A4-{{Top_10_2010:ByTheNumbers|4|language=de|year=2013}}]]</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|- style="background-color: #FFFFFF;"  </div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|- style="background-color: #FFFFFF;"  </div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>| [[Top_10_2010-A6 | A6-<del class="diffchange diffchange-inline">Security Misconfiguration</del>]]</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>| [[Top_10_2010-A6 | A6-<ins class="diffchange diffchange-inline">{{Top_10_2010:ByTheNumbers|6|language=de|year=2010}}</ins>]]</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| [[{{Top_10:LanguageFile|text=documentRootTop10|year=2013|language=de}}-A5-{{Top_10_2010:ByTheNumbers|5|language=de|year=2013}}|A5-{{Top_10_2010:ByTheNumbers|5|language=de|year=2013}}]]</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| [[{{Top_10:LanguageFile|text=documentRootTop10|year=2013|language=de}}-A5-{{Top_10_2010:ByTheNumbers|5|language=de|year=2013}}|A5-{{Top_10_2010:ByTheNumbers|5|language=de|year=2013}}]]</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|- style="background-color: #D7D6C0;"  </div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|- style="background-color: #D7D6C0;"  </div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>| [[Top_10_2010-A7 | A7-<del class="diffchange diffchange-inline">Insecure Cryptographic Storage </del>- <del class="diffchange diffchange-inline">Merged with </del>A9 -->]]</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>| [[Top_10_2010-A7 | A7-<ins class="diffchange diffchange-inline">{{Top_10_2010:ByTheNumbers|7|language=de|year=2010}} </ins>- <ins class="diffchange diffchange-inline">mit </ins>A9 -->]]</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| [[{{Top_10:LanguageFile|text=documentRootTop10|year=2013|language=de}}-A6-{{Top_10_2010:ByTheNumbers|6|language=de|year=2013}}|A6-{{Top_10_2010:ByTheNumbers|6|language=de|year=2013}}]]</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| [[{{Top_10:LanguageFile|text=documentRootTop10|year=2013|language=de}}-A6-{{Top_10_2010:ByTheNumbers|6|language=de|year=2013}}|A6-{{Top_10_2010:ByTheNumbers|6|language=de|year=2013}}]]</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|- style="background-color: #D7D6C0;"  </div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|- style="background-color: #D7D6C0;"  </div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>| [[Top_10_2010-A8 | A8-<del class="diffchange diffchange-inline">Failure to Restrict URL Access </del>- <del class="diffchange diffchange-inline">Broadened into </del>-->]]</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>| [[Top_10_2010-A8 | A8-<ins class="diffchange diffchange-inline">{{Top_10_2010:ByTheNumbers|8|language=de|year=2010}} </ins>- <ins class="diffchange diffchange-inline">erweitert zu </ins>-->]]</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| [[{{Top_10:LanguageFile|text=documentRootTop10|year=2013|language=de}}-A7-{{Top_10_2010:ByTheNumbers|7|language=de|year=2013}}|A7-{{Top_10_2010:ByTheNumbers|7|language=de|year=2013}}]]</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| [[{{Top_10:LanguageFile|text=documentRootTop10|year=2013|language=de}}-A7-{{Top_10_2010:ByTheNumbers|7|language=de|year=2013}}|A7-{{Top_10_2010:ByTheNumbers|7|language=de|year=2013}}]]</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|- style="background-color: #FFFFFF;"  </div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|- style="background-color: #FFFFFF;"  </div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>| [[Top_10_2007-A5 | A5-<del class="diffchange diffchange-inline">Cross Site Request Forgery (CSRF)</del>]]</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>| [[Top_10_2007-A5 | A5-<ins class="diffchange diffchange-inline">{{Top_10_2010:ByTheNumbers|5|language=de|year=2010}}</ins>]]</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| [[{{Top_10:LanguageFile|text=documentRootTop10|year=2013|language=de}}-A8-{{Top_10_2010:ByTheNumbers|8|language=de|year=2013}}|A8-{{Top_10_2010:ByTheNumbers|8|language=de|year=2013}}]]</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| [[{{Top_10:LanguageFile|text=documentRootTop10|year=2013|language=de}}-A8-{{Top_10_2010:ByTheNumbers|8|language=de|year=2013}}|A8-{{Top_10_2010:ByTheNumbers|8|language=de|year=2013}}]]</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|- style="background-color: #D7D6C0;"  </div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|- style="background-color: #D7D6C0;"  </div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>| [[Top_10_2010-A6 | <<del class="diffchange diffchange-inline">buried in </del>A6: <del class="diffchange diffchange-inline">Security Misconfiguration</del>>]]</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>| [[Top_10_2010-A6 | <<ins class="diffchange diffchange-inline">Teil von </ins>A6: <ins class="diffchange diffchange-inline">{{Top_10_2010:ByTheNumbers|6|language=de|year=2010}}</ins>>]]</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| [[{{Top_10:LanguageFile|text=documentRootTop10|year=2013|language=de}}-A9-{{Top_10_2010:ByTheNumbers|9|language=de|year=2013}}|A9-{{Top_10_2010:ByTheNumbers|9|language=de|year=2013}}]]</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| [[{{Top_10:LanguageFile|text=documentRootTop10|year=2013|language=de}}-A9-{{Top_10_2010:ByTheNumbers|9|language=de|year=2013}}|A9-{{Top_10_2010:ByTheNumbers|9|language=de|year=2013}}]]</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|- style="background-color: #FFFFFF;"  </div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|- style="background-color: #FFFFFF;"  </div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>| [[Top_10_2010-A10 | A10-<del class="diffchange diffchange-inline">Unvalidated Redirects and Forwards</del>]]</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>| [[Top_10_2010-A10 | A10-<ins class="diffchange diffchange-inline">{{Top_10_2010:ByTheNumbers|10|language=de|year=2010}}</ins>]]</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| [[{{Top_10:LanguageFile|text=documentRootTop10|year=2013|language=de}}-A10-{{Top_10_2010:ByTheNumbers|10|language=de|year=2013}}|A10-{{Top_10_2010:ByTheNumbers|10|language=de|year=2013}}]]</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| [[{{Top_10:LanguageFile|text=documentRootTop10|year=2013|language=de}}-A10-{{Top_10_2010:ByTheNumbers|10|language=de|year=2013}}|A10-{{Top_10_2010:ByTheNumbers|10|language=de|year=2013}}]]</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|- style="background-color: #E6B9B8;"  </div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|- style="background-color: #E6B9B8;"  </div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>| [[Top_10_2010-A9 | A9-<del class="diffchange diffchange-inline">Insufficient Transport Layer Protection</del>]]</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>| [[Top_10_2010-A9 | A9-<ins class="diffchange diffchange-inline">{{Top_10_2010:ByTheNumbers|9|language=de|year=2010}}</ins>]]</div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>| <del class="diffchange diffchange-inline">Merged with </del>[[Top_10_2010-A7 | 2010-A7]] <del class="diffchange diffchange-inline">into </del>[[{{Top_10:LanguageFile|text=documentRootTop10|year=2013|language=de}}-A6-{{Top_10_2010:ByTheNumbers|6|language=de|year=2013}}|2013-A6]]</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>| <ins class="diffchange diffchange-inline">Zusammen mit </ins>[[Top_10_2010-A7 | 2010-A7]] <ins class="diffchange diffchange-inline">nun im neuen </ins>[[{{Top_10:LanguageFile|text=documentRootTop10|year=2013|language=de}}-A6-{{Top_10_2010:ByTheNumbers|6|language=de|year=2013}}|2013-A6]]</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|}</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|}</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div></center></div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div></center></div></td></tr>
</table>
T.Gigler
https://wiki.owasp.org/index.php?title=Germany/Projekte/Top_10_fuer_Entwickler-2013/Neuerungen&diff=155571&oldid=prev
T.Gigler: Überschrift mithilfe 'Top_10_2010:SubsectionColoredTemplate' hinzugefügt
2013-07-17T12:47:48Z
<p>Überschrift mithilfe 'Top_10_2010:SubsectionColoredTemplate' hinzugefügt</p>
<table class="diff diff-contentalign-left" data-mw="interface">
<col class='diff-marker' />
<col class='diff-content' />
<col class='diff-marker' />
<col class='diff-content' />
<tr style='vertical-align: top;' lang='en'>
<td colspan='2' style="background-color: white; color:black; text-align: center;">← Older revision</td>
<td colspan='2' style="background-color: white; color:black; text-align: center;">Revision as of 12:47, 17 July 2013</td>
</tr><tr><td colspan="2" class="diff-lineno" id="mw-diff-left-l8" >Line 8:</td>
<td colspan="2" class="diff-lineno">Line 8:</td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>}}</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>}}</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins style="font-weight: bold; text-decoration: none;">{{Top_10_2010:SubsectionColoredTemplate</ins></div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins style="font-weight: bold; text-decoration: none;">      |{{Top_10:LanguageFile|text=releaseNotes|year=2013|language=de}}</ins></div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins style="font-weight: bold; text-decoration: none;">      ||year=2013</ins></div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins style="font-weight: bold; text-decoration: none;">}}</ins></div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>{{Top_10:SubsectionTableBeginTemplate|type=main}}{{Top_10_2010:SubsectionAdvancedTemplate|type={{Top_10_2010:StyleTemplate}}|subsection=freetext|position=firstWhole|title={{Top_10:LanguageFile|text=whatChangedFrom2010to2013|year=2013|language=de}}|width=100%|year=2013|language=de}}</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>{{Top_10:SubsectionTableBeginTemplate|type=main}}{{Top_10_2010:SubsectionAdvancedTemplate|type={{Top_10_2010:StyleTemplate}}|subsection=freetext|position=firstWhole|title={{Top_10:LanguageFile|text=whatChangedFrom2010to2013|year=2013|language=de}}|width=100%|year=2013|language=de}}</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>The threat landscape for applications security constantly changes. Key factors in this evolution are advances made by attackers, the release of new technologies with new weaknesses as well as more built in defenses, and the deployment of increasingly complex systems. To keep pace, we periodically update the OWASP Top 10. In this 2013 release, we made the following changes:</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>The threat landscape for applications security constantly changes. Key factors in this evolution are advances made by attackers, the release of new technologies with new weaknesses as well as more built in defenses, and the deployment of increasingly complex systems. To keep pace, we periodically update the OWASP Top 10. In this 2013 release, we made the following changes:</div></td></tr>
</table>
T.Gigler
https://wiki.owasp.org/index.php?title=Germany/Projekte/Top_10_fuer_Entwickler-2013/Neuerungen&diff=155057&oldid=prev
T.Gigler: Created page with "{{Top_10_2013_DeveloperEdition:TopTemplate |usenext=2013NextLinkDeveloperEdition |next={{Top_10:LanguageFile|text=risk|year=2013|language=de}} |useprev=2013PrevLin..."
2013-07-04T11:52:07Z
<p>Created page with "{{Top_10_2013_DeveloperEdition:TopTemplate |usenext=2013NextLinkDeveloperEdition |next={{Top_10:LanguageFile|text=risk|year=2013|language=de}} |useprev=2013PrevLin..."</p>
<p><b>New page</b></p><div>{{Top_10_2013_DeveloperEdition:TopTemplate<br />
|usenext=2013NextLinkDeveloperEdition<br />
|next={{Top_10:LanguageFile|text=risk|year=2013|language=de}}<br />
|useprev=2013PrevLinkDeveloperEdition<br />
|prev={{Top_10:LanguageFile|text=introduction|year=2013|language=de}}<br />
|year=2013<br />
|language=de<br />
}}<br />
<br />
{{Top_10:SubsectionTableBeginTemplate|type=main}}{{Top_10_2010:SubsectionAdvancedTemplate|type={{Top_10_2010:StyleTemplate}}|subsection=freetext|position=firstWhole|title={{Top_10:LanguageFile|text=whatChangedFrom2010to2013|year=2013|language=de}}|width=100%|year=2013|language=de}}<br />
The threat landscape for applications security constantly changes. Key factors in this evolution are advances made by attackers, the release of new technologies with new weaknesses as well as more built in defenses, and the deployment of increasingly complex systems. To keep pace, we periodically update the OWASP Top 10. In this 2013 release, we made the following changes:<br />
<ol><br />
<li>Broken Authentication and Session Management moved up in prevalence based on our data set,. Probably because this area is being looked at harder, not because issues are actually more prevalent. This caused Risks A2 and A3 to switch places.</li><br />
<li>Cross-Site Request Forgery (CSRF) moved down in prevalence based on our data set from 2010-A5 to 2013-A8. We believe this is because CSRF has been in the OWASP Top 10 for 6 years, and organizations and framework developers have focused on it enough to significantly reduce the number of CSRF vulnerabilities in real world applications.</li><br />
<li>We broadened Failure to Restrict URL Access from the 2010 OWASP Top 10 to be more inclusive:<br />
<p style="padding-left: 2em; text-indent: -2em;"><br />
+&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;2010-A8: Failure to Restrict URL Access is now <u>2013-A7: Missing Function Level Access Control</u> – to cover all of function level access control. There are many ways to specify which function is being accessed, not just the URL.</p></li><br />
<li>We merged and broadened 2010-A7 & 2010-A9 to CREATE: <u>2013-A6: Sensitive Data Exposure</u>:<br />
<p style="padding-left: 2em; text-indent: -2em;"><br />
-&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;This new category was created by merging 2010-A7 – Insecure Cryptographic Storage & 2010-A9 - Insufficient Transport Layer Protection, plus adding browser side sensitive data risks as well. This new category covers sensitive data protection (other than access control which is covered by 2013-A4 and 2013-A7) from the moment sensitive data is provided by the user, sent to and stored within the application, and then sent back to the browser again.</p></li><br />
<li>We added: <u>2013-A9: Using Components with Known Vulnerabilities</u>:<br />
<p style="padding-left: 2em; text-indent: -2em;"><br />
+&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;This issue was mentioned as part of 2010-A6 – Security Misconfiguration, but now has a category of its own as the growth and depth of component based development has significantly increased the risk of using components with known vulnerabilities.</p></li><br />
</ol><br />
{{Top_10:SubsectionTableEndTemplate}}<br />
<br />
<center><br />
{| style="width: 99%; align:center; text-align:center; border: 2px solid #4d953d; background-color:#F2F2F2; padding=2;" <br />
|- style="background-color: #4d953d; color: #FFFFFF;"<br />
! OWASP Top 10 - 2010 (Previous Version) !! OWASP Top 10 - 2013 (Current Version)<br />
|- style="background-color: #FFFFFF;" <br />
| [[Top_10_2010-A1 | A1-Injection]]<br />
| [[{{Top_10:LanguageFile|text=documentRootTop10|year=2013|language=de}}-A1-{{Top_10_2010:ByTheNumbers|1|language=de|year=2013}}|A1-{{Top_10_2010:ByTheNumbers|1|language=de|year=2013}}]]<br />
|- style="background-color: #FFFFFF;" <br />
| [[Top_10_2010-A3 | A3-Broken Authentication and Session Management]]<br />
| [[{{Top_10:LanguageFile|text=documentRootTop10|year=2013|language=de}}-A2-{{Top_10_2010:ByTheNumbers|2|language=de|year=2013}}|A2-{{Top_10_2010:ByTheNumbers|2|language=de|year=2013}}]]<br />
|- style="background-color: #FFFFFF;" <br />
| [[Top_10_2010-A2 | A2-Cross Site Scripting (XSS)]]<br />
| [[{{Top_10:LanguageFile|text=documentRootTop10|year=2013|language=de}}-A3-{{Top_10_2010:ByTheNumbers|3|language=de|year=2013}}|A3-{{Top_10_2010:ByTheNumbers|3|language=de|year=2013}}]]<br />
|- style="background-color: #FFFFFF;" <br />
| [[Top_10_2010-A4 | A4-Insecure Direct Object Reference]]<br />
| [[{{Top_10:LanguageFile|text=documentRootTop10|year=2013|language=de}}-A4-{{Top_10_2010:ByTheNumbers|4|language=de|year=2013}}|A4-{{Top_10_2010:ByTheNumbers|4|language=de|year=2013}}]]<br />
|- style="background-color: #FFFFFF;" <br />
| [[Top_10_2010-A6 | A6-Security Misconfiguration]]<br />
| [[{{Top_10:LanguageFile|text=documentRootTop10|year=2013|language=de}}-A5-{{Top_10_2010:ByTheNumbers|5|language=de|year=2013}}|A5-{{Top_10_2010:ByTheNumbers|5|language=de|year=2013}}]]<br />
|- style="background-color: #D7D6C0;" <br />
| [[Top_10_2010-A7 | A7-Insecure Cryptographic Storage - Merged with A9 -->]]<br />
| [[{{Top_10:LanguageFile|text=documentRootTop10|year=2013|language=de}}-A6-{{Top_10_2010:ByTheNumbers|6|language=de|year=2013}}|A6-{{Top_10_2010:ByTheNumbers|6|language=de|year=2013}}]]<br />
|- style="background-color: #D7D6C0;" <br />
| [[Top_10_2010-A8 | A8-Failure to Restrict URL Access - Broadened into -->]]<br />
| [[{{Top_10:LanguageFile|text=documentRootTop10|year=2013|language=de}}-A7-{{Top_10_2010:ByTheNumbers|7|language=de|year=2013}}|A7-{{Top_10_2010:ByTheNumbers|7|language=de|year=2013}}]]<br />
|- style="background-color: #FFFFFF;" <br />
| [[Top_10_2007-A5 | A5-Cross Site Request Forgery (CSRF)]]<br />
| [[{{Top_10:LanguageFile|text=documentRootTop10|year=2013|language=de}}-A8-{{Top_10_2010:ByTheNumbers|8|language=de|year=2013}}|A8-{{Top_10_2010:ByTheNumbers|8|language=de|year=2013}}]]<br />
|- style="background-color: #D7D6C0;" <br />
| [[Top_10_2010-A6 | <buried in A6: Security Misconfiguration>]]<br />
| [[{{Top_10:LanguageFile|text=documentRootTop10|year=2013|language=de}}-A9-{{Top_10_2010:ByTheNumbers|9|language=de|year=2013}}|A9-{{Top_10_2010:ByTheNumbers|9|language=de|year=2013}}]]<br />
|- style="background-color: #FFFFFF;" <br />
| [[Top_10_2010-A10 | A10-Unvalidated Redirects and Forwards]]<br />
| [[{{Top_10:LanguageFile|text=documentRootTop10|year=2013|language=de}}-A10-{{Top_10_2010:ByTheNumbers|10|language=de|year=2013}}|A10-{{Top_10_2010:ByTheNumbers|10|language=de|year=2013}}]]<br />
|- style="background-color: #E6B9B8;" <br />
| [[Top_10_2010-A9 | A9-Insufficient Transport Layer Protection]]<br />
| Merged with [[Top_10_2010-A7 | 2010-A7]] into [[{{Top_10:LanguageFile|text=documentRootTop10|year=2013|language=de}}-A6-{{Top_10_2010:ByTheNumbers|6|language=de|year=2013}}|2013-A6]]<br />
|}<br />
</center><br />
{{Top_10_2013_DeveloperEdition:BottomTemplate<br />
|usenext=2013NextLinkDeveloperEdition<br />
|useprev=2013PrevLinkDeveloperEdition<br />
|next={{Top_10:LanguageFile|text=risk|year=2013|language=de}}<br />
|prev={{Top_10:LanguageFile|text=introduction|year=2013|language=de}}<br />
|year=2013<br />
|language=de<br />
}}</div>
T.Gigler