This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Template:Top 10:LanguageFile"
From OWASP
(added English ...Images. deleted old .jpg-Definitions) |
(Added: German: isTheApplicationVulnerable, howToPrevent) |
||
(113 intermediate revisions by 2 users not shown) | |||
Line 3: | Line 3: | ||
<!-- Please add a new language solely here!!! --> | <!-- Please add a new language solely here!!! --> | ||
<!----------------------------------------------------------------------------> | <!----------------------------------------------------------------------------> | ||
+ | ==='''Usage:''' === | ||
This File contains all the text that is used by OWASP Top 10 Templates<br/> | This File contains all the text that is used by OWASP Top 10 Templates<br/> | ||
− | Please add a new language solely here!!! | + | Please leave a message to {{Template:Contact | name = Torsten Gigler | email [email protected] | username = T.Gigler}} |
+ | if you liked to add a new localization<br> | ||
+ | <!--- Please add a new language solely here!!! --> | ||
+ | If you use an undefined language you will get English output (default language).<br/> | ||
+ | <br/> | ||
+ | <nowiki>{{Top_10:LanguageFile</nowiki><br/> | ||
+ | :<nowiki> |text=<parameter> <!-- take one of the defined parmeters, e.g. tableOfContents --></nowiki><br/> | ||
+ | :<nowiki> |language=<your language> <!-- actually only English (=en) and German (=de) are valid parameters) --></nowiki><br/> | ||
+ | :<nowiki> |year=<year> <!-- optional for some texts --></nowiki><br/> | ||
+ | <nowiki>}}</nowiki><br/><br/> | ||
+ | ====Example:==== | ||
+ | <nowiki>{{Top_10:LanguageFile|text=tableOfContents|language=de}} =></nowiki> {{Top_10:LanguageFile|text=tableOfContents|language=de}} | ||
+ | ---- | ||
+ | ==='''Healthcheck'''=== | ||
+ | tbd.<br/> | ||
+ | In the meantime, please check: | ||
+ | * [[Top_10_2013-Table_of_Contents | English Top 10 Wiki]] | ||
+ | * [[Germany/Projekte/Top_10-2013-Inhaltsverzeichnis | German Top 10 Wiki]] | ||
+ | ---- | ||
+ | If you use an unknown parameter you will get the following Error message in your wiki page:<br/> | ||
+ | <!--- Please add a new language solely here!!! --> | ||
<onlyinclude>{{#switch: {{{language}}} | <onlyinclude>{{#switch: {{{language}}} | ||
| de = <!-- German --> | | de = <!-- German --> | ||
{{#switch: {{{text}}} <noinclude> | {{#switch: {{{text}}} <noinclude> | ||
+ | <!-- BEGIN Document-Root --> </noinclude> | ||
+ | | documentRootTop10New = Germany/Projekte/Top 10-{{{year}}} | ||
+ | | documentRootTop10NewDeveloperEdition = Germany/Projekte/Top 10 fuer Entwickler-{{{year}}} | ||
+ | | documentRootTop10 = Germany/Projekte/Top 10-{{{year}}} | ||
+ | | documentRootTop10DeveloperEdition = Germany/Projekte/Top 10 fuer Entwickler-{{{year}}}<noinclude> | ||
+ | <!-- END Document-Root --> | ||
+ | <!-- BEGIN of Top Ten Section for Top 10 2013-CenterLinkTemplate + Top 10 2013:Top and Bottom(Advanced)Template(s) --> </noinclude> | ||
+ | | top10TmpMessage = | ||
+ | {{#switch: {{{year}}} | ||
+ | | 2017 = ==BAUSTELLE! Hier entsteht das deutsche Wiki der OWASP Top 10-2017==<br/><br/>==Bitte benutzen Sie die <u>[[Germany/Projekte/Top_10 | PDF Version]]</u>.==<noinclude></noinclude> | ||
+ | | 2013 <noinclude>= ==The Top 10-2013 Wiki is under Construction. The Content is Not Finished yet==</noinclude> | ||
+ | | #default = NOTE: THIS IS NOT THE LATEST VERSION. Please visit the <u>[[:Category:OWASP_Top_Ten_Project|OWASP Top 10 project page]]</u> to find the latest edition. | ||
+ | }} | ||
+ | | top10TmpMessageDeveloperEdition = ==BAUSTELLE! Hier entsteht das deutsche Wiki der OWASP Top 10 fuer Entwickler-2013== | ||
+ | | centerLink1 = | ||
+ | {{#switch: {{{year}}} | ||
+ | | 2013 = [[Germany/Projekte/Top 10-{{{year}}}-Inhaltsverzeichnis|{{{year}}} Inhaltsverzeichnis]] | ||
+ | | #default = [[Germany/Projekte/Top 10-{{{year}}} Inhaltsverzeichnis|{{{year}}} Inhaltsverzeichnis]] | ||
+ | }} | ||
+ | | centerLink2 = | ||
+ | {{#switch: {{{year}}} | ||
+ | | 2013 = [[Germany/Projekte/Top 10-2013-Top 10|2013 Die Top-10-Risiken]] | ||
+ | | 2017 = [[Germany/Projekte/Top_10| PDF version]] | ||
+ | | #default = [[Germany/Projekte/[Top_10_{{{year}}}-Top 10|{{{year}}} Die Top-10-Risiken]] | ||
+ | }} | ||
+ | | centerLink1DeveloperEdition = [[Germany/Projekte/Top 10 fuer Entwickler-2013/Inhaltsverzeichnis|Top 10 fuer Entwickler-2013: Inhaltsverzeichnis]] | ||
+ | | centerLink2DeveloperEdition = [[Germany/Projekte/Top 10 fuer Entwickler-2013/Top 10|Die Top-10-Risiken]] | ||
+ | | projectCategory = [[Category: Germany/Projekte/Top 10-{{{year}}}]] | ||
+ | | projectCategoryDeveloperEdition = [[Category:OWASP Top 10 fuer Entwickler]] [[Category: Germany/Projekte/Top 10 fuer Entwickler-2013]]<noinclude> | ||
+ | <!-- END of Top Ten Section for Top 10 2013-CenterLinkTemplate --> | ||
<!-- BEGIN main Document --> </noinclude> | <!-- BEGIN main Document --> </noinclude> | ||
− | | forward = Vorwort | + | | tableOfContents = Inhaltsverzeichnis |
− | | forwardTranslation = Vorwort der deutschen | + | | foreword = Vorwort |
+ | | forewordTranslation = | ||
+ | {{#switch: {{{year}}} | ||
+ | | 2013 = Vorwort der deutschen Übersetzung | ||
+ | | #default = Vorwort der deutschen Version | ||
+ | }} | ||
+ | | forward = Vorwort <!--- behobener Fehler im englischen Original ---> | ||
+ | | forwardTranslation = Vorwort der deutschen Übersetzung <!--- behobener Fehler im englischen Original ---> | ||
| aboutOWASP = Über OWASP | | aboutOWASP = Über OWASP | ||
| copyrightAndLicense Copyright und Lizenz | | copyrightAndLicense Copyright und Lizenz | ||
Line 16: | Line 74: | ||
| releaseNotes = Neuerungen | | releaseNotes = Neuerungen | ||
| risks = Risiken | | risks = Risiken | ||
− | | risk = RISIKO | + | | risk = Risiko |
− | | applicationSecurityRisks = | + | | subTitleApplicationRisks = (Sicherheitsrisiken für Anwendungen) |
− | | theTop10 = | + | | riskLarge = RISIKO |
+ | | applicationSecurityRisks = | ||
+ | {{#switch: {{{year}}} | ||
+ | | 2013 = Was sind Sicherheitsrisiken für Anwendungen? | ||
+ | | #default = Sicherheitsrisiken für Anwendungen | ||
+ | }} | ||
+ | | theTop10 = | ||
+ | {{#switch: {{{year}}} | ||
+ | | 2013 = Die Top-10-Risiken | ||
+ | | #default = OWASP Top 10 Risiken für die Anwendungssicherheit | ||
+ | }} | ||
+ | | top10 = Top 10 | ||
| whatsNextforDevelopers = Nächste Schritte für Software-Entwickler | | whatsNextforDevelopers = Nächste Schritte für Software-Entwickler | ||
| whatsNextforVerifiers = Nächste Schritte für Prüfer | | whatsNextforVerifiers = Nächste Schritte für Prüfer | ||
+ | | whatsNextforSecurityTesters = Nächste Schritte für Sicherheitstester | ||
| whatsNextforOrganizations = Nächste Schritte für Organisationen | | whatsNextforOrganizations = Nächste Schritte für Organisationen | ||
+ | | whatsNextforApplicationManagers=Nächste Schritte für Anwendungs-Verantwortliche | ||
| noteAboutRisks = Anmerkungen zum Risikobegriff | | noteAboutRisks = Anmerkungen zum Risikobegriff | ||
− | | detailsAboutRiskFactors = Details zu Risiko-Faktoren | + | | detailsAboutRiskFactors = |
+ | {{#switch: {{{year}}} | ||
+ | | 2013 = Details zu Risiko-Faktoren | ||
+ | | #default = Details zu den Risiko-Faktoren | ||
+ | }} | ||
+ | | methodologyAndData = Methodik und Daten | ||
| appendix = Anlage | | appendix = Anlage | ||
− | | warnings = | + | | warnings = Zur Beachtung |
| acknowledgements = Danksagung | | acknowledgements = Danksagung | ||
+ | | attribution = Namensnennung/Danksagung | ||
+ | | whatChangedFrom2010to2013 = Was hat sich von Version 2010 zu 2013 verändert? | ||
| welcome = Herzlich Willkommen | | welcome = Herzlich Willkommen | ||
| whatAreApplicationSecurityRisks = Was sind Sicherheitsrisiken für Anwendungen? | | whatAreApplicationSecurityRisks = Was sind Sicherheitsrisiken für Anwendungen? | ||
Line 33: | Line 111: | ||
| establishAndUseAFullSetOfCommonSecurityControls = Etablierung und Nutzung umfassender Sicherheitsmaßnahmen | | establishAndUseAFullSetOfCommonSecurityControls = Etablierung und Nutzung umfassender Sicherheitsmaßnahmen | ||
| startYourApplicationSecurityProgramNow = Starten Sie jetzt mit Ihrem Anwendungssicherheits-Programm! | | startYourApplicationSecurityProgramNow = Starten Sie jetzt mit Ihrem Anwendungssicherheits-Programm! | ||
− | | getOrganized = Organisation | + | | getOrganized = Organisation und Prozesse |
| codeReview = Code-Analyse | | codeReview = Code-Analyse | ||
| securityAndPenetrationTesting = Sicherheits- und Penetrationstests | | securityAndPenetrationTesting = Sicherheits- und Penetrationstests | ||
| itsAboutRisksNotWeaknesses = Es geht nicht um Schwachstellen, sondern um Risiken | | itsAboutRisksNotWeaknesses = Es geht nicht um Schwachstellen, sondern um Risiken | ||
| top10RiskFactorSummary = Zusammenfassung der Top 10 Risiko-Faktoren | | top10RiskFactorSummary = Zusammenfassung der Top 10 Risiko-Faktoren | ||
− | | additionalRisksToConsider = Weitere | + | | additionalRisksToConsider = Weitere zu betrachtende Risiken <noinclude> |
<!-- END main Document --> | <!-- END main Document --> | ||
<!-- BEGIN of Top Ten Section for ByTheNumbersTemplate --> </noinclude> | <!-- BEGIN of Top Ten Section for ByTheNumbersTemplate --> </noinclude> | ||
| injection = Injection | | injection = Injection | ||
− | | brokenAuthSessionMgmt = Fehler in Authentifizierung und Session-Management <!-- | + | | brokenAuthSessionMgmt = Fehler in Authentifizierung und Session-Management |
+ | | brokenAuth = Fehler in der Authentifizierung | ||
+ | | authentication = Authentifizierung <!-- short form for 'Broken Authentication and Session Management' ---> | ||
+ | | xxe = XML External Entities (XXE) | ||
+ | | brokenAccessControl = Fehler in der Zugriffskontrolle | ||
| xss = Cross-Site Scripting (XSS) | | xss = Cross-Site Scripting (XSS) | ||
+ | | xssShort = XSS | ||
+ | | insecureDeserialization = Unsichere Deserialisierung | ||
| insecureDirectObjectReference = Unsichere direkte Objektreferenzen | | insecureDirectObjectReference = Unsichere direkte Objektreferenzen | ||
+ | | insecureDOR = Unsichere direkte Objektreferenzen | ||
| securityMisconfig = Sicherheitsrelevante Fehlkonfiguration | | securityMisconfig = Sicherheitsrelevante Fehlkonfiguration | ||
− | | sensitiveDataExposure = Sensitive Data Exposure | + | | misconfig = Fehlkonfiguration |
− | | missingFunctionLevelACL = Fehlerhafte Autorisierung auf Anwendungsebene (tbd = Missing Function Level Access Control) | + | | sensitiveDataExposure = Verlust der Vertraulichkeit sensibler Daten<noinclude>ex: Sensitive Data Exposure</noinclude> |
+ | | sensData = Sens. Data<noinclude>(tbd)</noinclude> | ||
+ | | missingFunctionLevelACL = Fehlerhafte Autorisierung auf Anwendungsebene <noinclude>(tbd = Missing Function Level Access Control)</noinclude> | ||
+ | | functionAcc = Fehlerh. Autorisierung<noinclude>(tbd = Kurzform für Missing Function Level Access Control)</noinclude> | ||
+ | | csrf = Cross-Site Request Forgery (CSRF) | ||
| csrfShort = CSRF | | csrfShort = CSRF | ||
− | | | + | | usingVulnerableComponents = |
− | + | {{#switch: {{{year}}} | |
+ | | 2013 = Benutzen von Komponenten mit bekannten Schwachstellen <noinclude>(tbd = Using Components with Known Vulnerabilities)</noinclude> | ||
+ | | #default = Nutzung von Komponenten mit bekannten Schwachstellen | ||
+ | }} | ||
+ | | vulnComponents = Komponenten mit Schwachstellen <noinclude>(tbd = vuln. Components)</noinclude> | ||
+ | | insufficientLoggingMonitoring = Unzureichendes Logging&Monitoring | ||
| unvalidatedRedirectsForwards = Ungeprüfte Um- und Weiterleitungen | | unvalidatedRedirectsForwards = Ungeprüfte Um- und Weiterleitungen | ||
+ | | unvalRedirects = Ungepr. Weiterltg. | ||
| insecureCryptographicStorage = Kryptografisch unsichere Speicherung | | insecureCryptographicStorage = Kryptografisch unsichere Speicherung | ||
| failureRestrictUrlAccess = Mangelhafter URL-Zugriffsschutz | | failureRestrictUrlAccess = Mangelhafter URL-Zugriffsschutz | ||
Line 58: | Line 153: | ||
<!-- END of Top Ten Section for ByTheNumbersTemplate --> | <!-- END of Top Ten Section for ByTheNumbersTemplate --> | ||
<!-- BEGIN of Section for Top 10:SummaryTableTemplate --> </noinclude> | <!-- BEGIN of Section for Top 10:SummaryTableTemplate --> </noinclude> | ||
+ | | applicationSpecific = Anwendungs-<br>spezifisch | ||
+ | | appSpecific = Anw.-<br>spezifisch | ||
+ | | dataBusinessSpecific = Daten- &<br>Geschäftsspez. | ||
+ | | businessQuestionmark = Daten- &<br>Geschäftsspez <!--- in deutscher Version ersetzt ---> | ||
+ | | applicationBusinessSpecific = Anwendungs-/<br>Geschäftsspezifisch | ||
+ | | appBusinessSpecific = Anw.-/<br>Geschäftsspez. | ||
| exploitability = Ausnutzbarkeit | | exploitability = Ausnutzbarkeit | ||
| easy = EINFACH | | easy = EINFACH | ||
| average = DURCHSCHNITTLICH | | average = DURCHSCHNITTLICH | ||
| difficult = SCHWIERIG | | difficult = SCHWIERIG | ||
+ | | weakness = <!-- not used ---> <!-- for table in Top_10_2013-Risk --> | ||
| prevalence = Verbreitung | | prevalence = Verbreitung | ||
| veryWidespread = AUSSERGEWÖHNLICH HÄUFIG | | veryWidespread = AUSSERGEWÖHNLICH HÄUFIG | ||
Line 69: | Line 171: | ||
| detectability = Auffindbarkeit | | detectability = Auffindbarkeit | ||
| impact = Auswirkung | | impact = Auswirkung | ||
+ | | impacts = Auswirkungen | ||
| severe = SCHWERWIEGEND | | severe = SCHWERWIEGEND | ||
| moderate = MITTEL | | moderate = MITTEL | ||
− | | minor = GERING <noinclude> | + | | minor = GERING |
+ | | score = Wert <noinclude> | ||
<!-- END of Section for Top 10:SummaryTableTemplate --> | <!-- END of Section for Top 10:SummaryTableTemplate --> | ||
<!-- BEGIN of Section for SummaryTableHeaderBeginTemplate --> </noinclude> | <!-- BEGIN of Section for SummaryTableHeaderBeginTemplate --> </noinclude> | ||
− | | threatAgents = | + | | threatAgents = Bedrohungsquellen |
− | | attackVectors = | + | | attackVectors = Angriffsvektoren |
| securityWeakness = Schwachstellen | | securityWeakness = Schwachstellen | ||
| technicalImpacts = Technische Auswirkung | | technicalImpacts = Technische Auswirkung | ||
+ | | technical = technisch | ||
+ | | business = Geschäftl. | ||
| businessImpacts = Auswirkung auf das Unternehmen | | businessImpacts = Auswirkung auf das Unternehmen | ||
| threatAgentsImage = Image:Top 10 de threatAgents.png | | threatAgentsImage = Image:Top 10 de threatAgents.png | ||
| attackVectorsImage = Image:Top 10 de attackVectors.png | | attackVectorsImage = Image:Top 10 de attackVectors.png | ||
| securityWeaknessImage= Image:Top 10 de securityWeakness.png | | securityWeaknessImage= Image:Top 10 de securityWeakness.png | ||
+ | | impactsImage <!--- TBD ----> | ||
| technicalImpactsImage = Image:Top 10 de technicalImpacts.png | | technicalImpactsImage = Image:Top 10 de technicalImpacts.png | ||
| businessImpactsImage = Image:Top 10 de businessImpacts.png <noinclude> | | businessImpactsImage = Image:Top 10 de businessImpacts.png <noinclude> | ||
<!-- END of Section for SummaryTableHeaderBeginTemplate --> | <!-- END of Section for SummaryTableHeaderBeginTemplate --> | ||
+ | <!-- BEGIN of Section for other Images --> </noinclude> | ||
+ | | applicationSecurityRisksImage = Image:Top 10 de ApplicationSecurityRisks.png <noinclude> | ||
+ | <!-- END of Section for other Images --> | ||
<!-- BEGIN of Section for SubsectionAdvancedTemplate --> </noinclude> | <!-- BEGIN of Section for SubsectionAdvancedTemplate --> </noinclude> | ||
− | | vulnerableTo = Bin ich durch {{ | + | | isTheApplicationVulnerable = Ist die Anwendung verwundbar? |
+ | | vulnerableTo = Bin ich durch {{Top_10_2010:ByTheNumbers|{{{risk}}}|year={{{year}}}|language={{{language}}} }} verwundbar? | ||
| vulnerableTo1 = Bin ich durch | | vulnerableTo1 = Bin ich durch | ||
| vulnerableTo2 = verwundbar? | | vulnerableTo2 = verwundbar? | ||
− | | howPrevent = Wie kann ich {{ | + | | howToPrevent = Wie kann ich das verhindern? |
+ | | howPrevent = Wie kann ich {{Top_10_2010:ByTheNumbers|{{{risk}}}|year={{{year}}}|language={{{language}}} }} verhindern? | ||
| howPrevent1 = Wie kann ich | | howPrevent1 = Wie kann ich | ||
| howPrevent2 = verhindern? | | howPrevent2 = verhindern? | ||
Line 101: | Line 213: | ||
<!-- BEGIN of SubSubsectionExternalReferencesTemplate --> </noinclude> | <!-- BEGIN of SubSubsectionExternalReferencesTemplate --> </noinclude> | ||
| myUnused = FEHLER im 'Language File' (Aufruf des unbenutzten Objekts) | | myUnused = FEHLER im 'Language File' (Aufruf des unbenutzten Objekts) | ||
− | | #default = FEHLER im 'Language File' (Aufruf des unbekannten Objekts) | + | | #default = FEHLER im '<u>[[:Template:Top_10:LanguageFile|Language File]]</u>' (Aufruf des unbekannten Objekts '{{{text}}}') |
}} <!-- End of German --> | }} <!-- End of German --> | ||
<noinclude> | <noinclude> | ||
Line 108: | Line 220: | ||
<!-- | us = --> | <!-- | us = --> | ||
<!-- | gb = --> | <!-- | gb = --> | ||
− | </noinclude> | + | </noinclude> | #default = <!-- English --> |
− | |||
{{#switch: {{{text}}} <noinclude> | {{#switch: {{{text}}} <noinclude> | ||
+ | <!-- BEGIN Document-Root --> </noinclude> | ||
+ | | documentRootTop10New = Top 10-{{{year}}} | ||
+ | | documentRootTop10NewDeveloperEdition = Top 10-{{{year}}} Developer Edition | ||
+ | | documentRootTop10 = Top 10 {{{year}}} | ||
+ | | documentRootTop10DeveloperEdition = Top 10 {{{year}}} Developer Edition<noinclude> | ||
+ | <!-- END Document-Root --> | ||
+ | <!-- BEGIN of Top Ten Section for Top 10 2013-CenterLinkTemplate + Top 10 2013:Top and Bottom(Advanced)Template(s) --> </noinclude> | ||
+ | | top10TmpMessage = | ||
+ | {{#switch: {{{year}}} | ||
+ | | 2017 = <noinclude>==The OWASP Top 10-2017 have been released. This wiki page will be updated, soon.==<br/><br/>==Please use the <u>[[Media:OWASP_Top_10-2017_(en).pdf.pdf| PDF version of the OWASP Top 10 - 2017]]</u> for now.==<br/><br/>More information available <u>[[:Category:OWASP_Top_Ten_Project|here]]</u>.</noinclude> | ||
+ | | 2013 <noinclude>= ==The Top 10-2013 Wiki is under Construction. The Content is Not Finished yet==</noinclude> | ||
+ | | #default = NOTE: THIS IS NOT THE LATEST VERSION. Please visit the <u>[[:Category:OWASP_Top_Ten_Project|OWASP Top 10 project page]]</u> to find the latest edition. | ||
+ | }} | ||
+ | | top10TmpMessageDeveloperEdition = ==The Top 10-2013 Developer Edition Wiki is under Connstruction. The Content is Not Finished yet== | ||
+ | | centerLink1 = | ||
+ | {{#switch: {{{year}}} | ||
+ | | 2017 = [[:Category:OWASP Top Ten {{{year}}} Project | {{{year}}} Table of Contents]] | ||
+ | | #default = [[Top 10 {{{year}}}-Table of Contents | {{{year}}} Table of Contents]] | ||
+ | }} | ||
+ | | centerLink2 = | ||
+ | {{#switch: {{{year}}} | ||
+ | | 2017 = [[Media:OWASP_Top_10-2017_(en).pdf.pdf| PDF version]] <noinclude> | ||
+ | <!--- | 2017 = [[Top 10-{{{year}}} Top 10|{{{year}}} Top 10 List]] ----></noinclude> | ||
+ | | #default = [[Top_10_{{{year}}}-Top 10|{{{year}}} Top 10 List]] | ||
+ | }} | ||
+ | | centerLink1DeveloperEdition = [[Top 10 {{{year}}} Developer Edition-Table of Contents|{{{year}}} Developer Edition-Table of Contents]] | ||
+ | | centerLink2DeveloperEdition = [[Top 10 {{{year}}} Developer Edition-Top 10 List|{{{year}}} Developer Edition-Top 10 List]] | ||
+ | | projectCategory = [[Category:OWASP Top Ten Project]] [[Category:OWASP Top Ten {{{year}}} Project]] | ||
+ | | projectCategoryDeveloperEdition = [[Category:OWASP Top Ten {{{year}}} Developer Edition]]<noinclude> | ||
<!-- BEGIN main Document --> </noinclude> | <!-- BEGIN main Document --> </noinclude> | ||
− | | forward = Forward | + | | tableOfContents = Table of Contents |
− | | forwardTranslation = Forward of the | + | | foreword = Foreword |
+ | | forewordTranslation = Foreword of the English Wiki | ||
+ | | forward = Forward <!--- looks like a repaired issue ---> | ||
+ | | forwardTranslation = Forward of the English Wiki <!--- looks like a repaired issue ---> | ||
| aboutOWASP = About OWASP | | aboutOWASP = About OWASP | ||
| copyrightAndLicense Copyright and License | | copyrightAndLicense Copyright and License | ||
Line 119: | Line 262: | ||
| releaseNotes = Release Notes | | releaseNotes = Release Notes | ||
| risks = Risks | | risks = Risks | ||
− | | risk = | + | | risk = Risk |
+ | | subTitleApplicationRisks = (Application Security Risks) | ||
+ | | riskLarge = RISIK | ||
| applicationSecurityRisks = Application Security Risks | | applicationSecurityRisks = Application Security Risks | ||
| theTop10 = The Top 10 | | theTop10 = The Top 10 | ||
+ | | top10 = Top 10 | ||
| whatsNextforDevelopers = What's Next for Developers | | whatsNextforDevelopers = What's Next for Developers | ||
| whatsNextforVerifiers = What's Next for Verifiers | | whatsNextforVerifiers = What's Next for Verifiers | ||
+ | | whatsNextforSecurityTesting = What's Next for Security Testing | ||
+ | | whatsNextforSecurityTesters = What's Next for Security Testers | ||
| whatsNextforOrganizations = What's Next for Organizations | | whatsNextforOrganizations = What's Next for Organizations | ||
+ | | whatsNextforApplicationManagers = What's Next for Application Managers | ||
| noteAboutRisks = Note About Risks | | noteAboutRisks = Note About Risks | ||
+ | | OWASPTop10ApplicationSecurityRisks = OWASP Top 10 Application Security Risks | ||
| detailsAboutRiskFactors = Details About Risk Factors | | detailsAboutRiskFactors = Details About Risk Factors | ||
+ | | methodologyAndData = Methodology and Data | ||
| appendix = appendix | | appendix = appendix | ||
| warnings = Warnings | | warnings = Warnings | ||
| acknowledgements = Acknowledgements | | acknowledgements = Acknowledgements | ||
+ | | attribution = Attribution | ||
+ | | whatChangedFrom2010to2013 = What Changed From 2010 to 2013? | ||
| welcome = Welcome | | welcome = Welcome | ||
| whatAreApplicationSecurityRisks = What Are Application Security Risks? | | whatAreApplicationSecurityRisks = What Are Application Security Risks? | ||
| whatsMyRisk = What's My Risk? | | whatsMyRisk = What's My Risk? | ||
| references = References | | references = References | ||
− | | establishAndUseAFullSetOfCommonSecurityControls = Establish and | + | | establishAndUseAFullSetOfCommonSecurityControls = Establish & Use Repeatable Security Processes and Standard Security Controls |
| startYourApplicationSecurityProgramNow = Start Your Application Security Program Now | | startYourApplicationSecurityProgramNow = Start Your Application Security Program Now | ||
+ | | establishContinuousApplicationSecurityTesting = Establish Continuous Application Security Testing | ||
| getOrganized = Get Organized | | getOrganized = Get Organized | ||
| codeReview = Code Review | | codeReview = Code Review | ||
Line 141: | Line 295: | ||
| itsAboutRisksNotWeaknesses = It's About Risks, Not Weaknesses | | itsAboutRisksNotWeaknesses = It's About Risks, Not Weaknesses | ||
| top10RiskFactorSummary = Top 10 Risk Factor Summary | | top10RiskFactorSummary = Top 10 Risk Factor Summary | ||
+ | | rank = Rank | ||
+ | | surveyVulnerabilityCategories = Survey Vulnerability Categories | ||
| additionalRisksToConsider = Additional Risks to Consider <noinclude> | | additionalRisksToConsider = Additional Risks to Consider <noinclude> | ||
<!-- END main Document --> | <!-- END main Document --> | ||
<!-- BEGIN of Top Ten Section for ByTheNumbersTemplate --> </noinclude> | <!-- BEGIN of Top Ten Section for ByTheNumbersTemplate --> </noinclude> | ||
| injection = Injection | | injection = Injection | ||
+ | | brokenAuth = Broken Authentication | ||
| brokenAuthSessionMgmt = Broken Authentication and Session Management | | brokenAuthSessionMgmt = Broken Authentication and Session Management | ||
+ | | authentication = Authentication <!-- short form for 'Broken Authentication and Session Management' ---> | ||
| xss = Cross-Site Scripting (XSS) | | xss = Cross-Site Scripting (XSS) | ||
+ | | xssShort = XSS | ||
+ | | xxe = XML External Entities (XXE) | ||
| insecureDirectObjectReference = Insecure Direct Object References | | insecureDirectObjectReference = Insecure Direct Object References | ||
+ | | insecureDOR = Insecure DOR | ||
| securityMisconfig = Security Misconfiguration | | securityMisconfig = Security Misconfiguration | ||
+ | | misconfig = Misconfig | ||
| sensitiveDataExposure = Sensitive Data Exposure | | sensitiveDataExposure = Sensitive Data Exposure | ||
+ | | sensData = Sens. Data | ||
+ | | insecureDeserialization = Insecure Deserialization | ||
| missingFunctionLevelACL = Missing Function Level Access Control | | missingFunctionLevelACL = Missing Function Level Access Control | ||
+ | | functionAcc = Function Acc. | ||
+ | | csrf = Cross-Site Request Forgery (CSRF) | ||
| csrfShort = CSRF | | csrfShort = CSRF | ||
− | |||
| usingVulnerableComponents = Using Components with Known Vulnerabilities | | usingVulnerableComponents = Using Components with Known Vulnerabilities | ||
+ | | vulnComponents = Vulnerable Components | ||
| unvalidatedRedirectsForwards = Unvalidated Redirects and Forwards | | unvalidatedRedirectsForwards = Unvalidated Redirects and Forwards | ||
+ | | unvalRedirects = unval. Redirects | ||
| insecureCryptographicStorage = Insecure Cryptographic Storage | | insecureCryptographicStorage = Insecure Cryptographic Storage | ||
| failureRestrictUrlAccess = Failure to Restrict URL Access | | failureRestrictUrlAccess = Failure to Restrict URL Access | ||
| insufficientTLProtection = Insufficient Transport Layer Protection | | insufficientTLProtection = Insufficient Transport Layer Protection | ||
+ | | brokenAccessControl = Broken Access Control | ||
+ | | insufficientLoggingMonitoring = Insufficient Logging&Monitoring | ||
+ | | insufficientAttackPrevention = Insufficient Attack Protection | ||
+ | | underprotectedAPIs = Underprotected APIs | ||
+ | | accessCtrl = Access Ctrl | ||
+ | | attackProt = Attack Prot. | ||
+ | | ApiProt = API Prot. | ||
| inProgress = In Progress <noinclude> | | inProgress = In Progress <noinclude> | ||
<!-- END of Top Ten Section for ByTheNumbersTemplate --> | <!-- END of Top Ten Section for ByTheNumbersTemplate --> | ||
<!-- BEGIN of Section for Top 10:SummaryTableTemplate --> </noinclude> | <!-- BEGIN of Section for Top 10:SummaryTableTemplate --> </noinclude> | ||
+ | | applicationSpecific = Application Specific | ||
+ | | appSpecific = App Specific | ||
+ | | applicationBusinessSpecific = Application / Business Specific | ||
+ | | appBusinessSpecific = App / Business Specific | ||
+ | | businessQuestionmark = Business ? | ||
| exploitability = Exploitability | | exploitability = Exploitability | ||
| easy = EASY | | easy = EASY | ||
| average = AVERAGE | | average = AVERAGE | ||
| difficult = DIFFICULT | | difficult = DIFFICULT | ||
+ | | weakness = Weakness <!-- for table in Top_10_2013-Risk --> | ||
| prevalence = Prevalence | | prevalence = Prevalence | ||
| veryWidespread = VERY WIDESPREAD | | veryWidespread = VERY WIDESPREAD | ||
Line 172: | Line 352: | ||
| detectability = Detectability | | detectability = Detectability | ||
| impact = Impact | | impact = Impact | ||
+ | | impacts = Impacts | ||
| severe = SEVERE | | severe = SEVERE | ||
| moderate = MODERATE | | moderate = MODERATE | ||
Line 181: | Line 362: | ||
| securityWeakness = Security Weakness | | securityWeakness = Security Weakness | ||
| technicalImpacts = Technical Impacts | | technicalImpacts = Technical Impacts | ||
− | | businessImpacts = Business Impacts | + | | technical = Technical |
+ | | businessImpacts = Business Impacts | ||
+ | | business = Business | ||
+ | | score = Score | ||
| threatAgentsImage = Image:Top 10 threatAgents.png | | threatAgentsImage = Image:Top 10 threatAgents.png | ||
| attackVectorsImage = Image:Top 10 attackVectors.png | | attackVectorsImage = Image:Top 10 attackVectors.png | ||
| securityWeaknessImage= Image:Top 10 securityWeakness.png | | securityWeaknessImage= Image:Top 10 securityWeakness.png | ||
+ | | impactsImage <!--- TBD ----> | ||
| technicalImpactsImage = Image:Top 10 technicalImpacts.png | | technicalImpactsImage = Image:Top 10 technicalImpacts.png | ||
| businessImpactsImage = Image:Top 10 businessImpacts.png <noinclude> | | businessImpactsImage = Image:Top 10 businessImpacts.png <noinclude> | ||
<!-- END of Section for SummaryTableHeaderBeginTemplate --> | <!-- END of Section for SummaryTableHeaderBeginTemplate --> | ||
+ | <!-- BEGIN of Section for other Images --> </noinclude> | ||
+ | | applicationSecurityRisksImage = Image:Top_10_2013-appsec-risks.png <noinclude> | ||
+ | <!-- END of Section for other Images --> | ||
<!-- BEGIN of Section for SubsectionAdvancedTemplate --> </noinclude> | <!-- BEGIN of Section for SubsectionAdvancedTemplate --> </noinclude> | ||
− | | vulnerableTo = Am I Vulnerable To {{ | + | | isTheApplicationVulnerable = Is the Application Vulnerable? |
+ | | vulnerableTo = Am I Vulnerable To {{Top_10_2010:ByTheNumbers|{{{risk}}}|year={{{year}}}|language={{{language}}} }}? | ||
| vulnerableTo1 = Am I Vulnerable To | | vulnerableTo1 = Am I Vulnerable To | ||
| vulnerableTo2 = ? | | vulnerableTo2 = ? | ||
− | | howPrevent = How Do I | + | | howToPrevent = How to Prevent |
− | | howPrevent1 = How Do I | + | | howPrevent = How Do I Prevent {{Top_10_2010:ByTheNumbers|{{{risk}}}|year={{{year}}}|language={{{language}}} }}? |
+ | | howPrevent1 = How Do I Prevent | ||
| howPrevent2 = ? | | howPrevent2 = ? | ||
− | | exampleScenarios = Example Scenarios | + | | exampleScenarios = Example Attack Scenarios |
| defendingOption = Defending Option | | defendingOption = Defending Option | ||
| against = against | | against = against | ||
Line 204: | Line 394: | ||
<!-- BEGIN of SubSubsectionExternalReferencesTemplate --> </noinclude> | <!-- BEGIN of SubSubsectionExternalReferencesTemplate --> </noinclude> | ||
| myUnused = ERROR in the 'Language File' (Use of the unused Object) | | myUnused = ERROR in the 'Language File' (Use of the unused Object) | ||
− | | #default = | + | | #default = ERROR in the '<u>[[:Template:Top_10:LanguageFile|Language File]]</u>' (Use of unknown Object '{{{text}}}') |
}} <!-- End of English --> | }} <!-- End of English --> | ||
}}</onlyinclude> | }}</onlyinclude> |
Latest revision as of 22:43, 24 February 2019
Usage:
This File contains all the text that is used by OWASP Top 10 Templates
Please leave a message to Torsten Gigler @
if you liked to add a new localization
If you use an undefined language you will get English output (default language).
{{Top_10:LanguageFile
- |text=<parameter> <!-- take one of the defined parmeters, e.g. tableOfContents -->
- |language=<your language> <!-- actually only English (=en) and German (=de) are valid parameters) -->
- |year=<year> <!-- optional for some texts -->
}}
Example:
{{Top_10:LanguageFile|text=tableOfContents|language=de}} => Inhaltsverzeichnis
Healthcheck
tbd.
In the meantime, please check:
If you use an unknown parameter you will get the following Error message in your wiki page:
ERROR in the 'Language File' (Use of unknown Object '{{{text}}}')