This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

OWASP Top 10/Mapping to WHID

From OWASP

Revision as of 19:32, 12 March 2015 by Rcbarnett (talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Jump to: navigation, search

Here is a mapping of the [| OWASP Top 10 - 2013] to example real world entries in the OWASP/WASC Web Hacking Incident Database (WHID):

A1: Injection - http://www.google.com/fusiontables/DataSource?snapid=S2086702IR5
A2: Cross-site Scripting - https://www.google.com/fusiontables/DataSource?snapid=S856202bP-1
A3: Broken Authentication and Session Management - https://www.google.com/fusiontables/DataSource?snapid=S856203SqTh
A4: Insecure Direct Object Reference - http://www.google.com/fusiontables/DataSource?snapid=S208914Efwz
A5: Cross-site Request Forgery - https://www.google.com/fusiontables/DataSource?snapid=S856204sdBi
A6: Security Misconfiguration - http://www.google.com/fusiontables/DataSource?snapid=S208909HtmA
A8: Failure to Restrict URL Access - http://www.google.com/fusiontables/DataSource?snapid=S208910u7mt
A9: Insufficient Transport Layer Protection - http://www.google.com/fusiontables/DataSource?snapid=S2089112yxM
A10: Unvalidated Redirects and Forwards - http://www.google.com/fusiontables/DataSource?snapid=S2089124qF5

Retrieved from "https://wiki.owasp.org/index.php?title=OWASP_Top_10/Mapping_to_WHID&oldid=191294"