This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "OWASP Top 10/Mapping to WHID"
From OWASP
Dinis.cruz (talk | contribs) m (moved OWASP Top Ten/Mapping to WHID to OWASP Top 10/Mapping to WHID: better name) |
|||
| Line 2: | Line 2: | ||
* A1: Injection - http://www.google.com/fusiontables/DataSource?snapid=S2086702IR5 | * A1: Injection - http://www.google.com/fusiontables/DataSource?snapid=S2086702IR5 | ||
| − | * A2: Cross-site Scripting - | + | * A2: Cross-site Scripting - https://www.google.com/fusiontables/DataSource?snapid=S856202bP-1 |
| − | * A3: Broken Authentication and Session Management - | + | * A3: Broken Authentication and Session Management - https://www.google.com/fusiontables/DataSource?snapid=S856203SqTh |
* A4: Insecure Direct Object Reference - http://www.google.com/fusiontables/DataSource?snapid=S208914Efwz | * A4: Insecure Direct Object Reference - http://www.google.com/fusiontables/DataSource?snapid=S208914Efwz | ||
| − | * A5: Cross-site Request Forgery - | + | * A5: Cross-site Request Forgery - https://www.google.com/fusiontables/DataSource?snapid=S856204sdBi |
* A6: Security Misconfiguration - http://www.google.com/fusiontables/DataSource?snapid=S208909HtmA | * A6: Security Misconfiguration - http://www.google.com/fusiontables/DataSource?snapid=S208909HtmA | ||
* A8: Failure to Restrict URL Access - http://www.google.com/fusiontables/DataSource?snapid=S208910u7mt | * A8: Failure to Restrict URL Access - http://www.google.com/fusiontables/DataSource?snapid=S208910u7mt | ||
* A9: Insufficient Transport Layer Protection - http://www.google.com/fusiontables/DataSource?snapid=S2089112yxM | * A9: Insufficient Transport Layer Protection - http://www.google.com/fusiontables/DataSource?snapid=S2089112yxM | ||
* A10: Unvalidated Redirects and Forwards - http://www.google.com/fusiontables/DataSource?snapid=S2089124qF5 | * A10: Unvalidated Redirects and Forwards - http://www.google.com/fusiontables/DataSource?snapid=S2089124qF5 | ||
Revision as of 14:03, 28 January 2013
Here is a mapping of the OWASP Top 10 entries to the WASC Web Hacking Incident Database (WHID):
- A1: Injection - http://www.google.com/fusiontables/DataSource?snapid=S2086702IR5
- A2: Cross-site Scripting - https://www.google.com/fusiontables/DataSource?snapid=S856202bP-1
- A3: Broken Authentication and Session Management - https://www.google.com/fusiontables/DataSource?snapid=S856203SqTh
- A4: Insecure Direct Object Reference - http://www.google.com/fusiontables/DataSource?snapid=S208914Efwz
- A5: Cross-site Request Forgery - https://www.google.com/fusiontables/DataSource?snapid=S856204sdBi
- A6: Security Misconfiguration - http://www.google.com/fusiontables/DataSource?snapid=S208909HtmA
- A8: Failure to Restrict URL Access - http://www.google.com/fusiontables/DataSource?snapid=S208910u7mt
- A9: Insufficient Transport Layer Protection - http://www.google.com/fusiontables/DataSource?snapid=S2089112yxM
- A10: Unvalidated Redirects and Forwards - http://www.google.com/fusiontables/DataSource?snapid=S2089124qF5
