Top 10 2013-A5-Security Misconfiguration
Revision as of 16:16, 17 February 2013 by Neil Smithline (talk | contribs)
TEMPORARY PLACEHOLDER for 2013 T10
NOTE: THIS IS NOT THE LATEST VERSION. Please visit the OWASP Top 10 project page to find the latest edition.
PLEASE DELETE ME
Am I Vulnerable To 'Security Misconfiguration'?
blank
How Do I Prevent 'Security Misconfiguration'?
blank
Example Attack Scenarios
blank blank code
blank http://example.com/app/accountView?id=' or '1'='1
blank
References
OWASP External