This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Top 10 2010-Main

From OWASP
Revision as of 22:08, 15 April 2010 by Neil Smithline (talk | contribs)

Jump to: navigation, search

NOTE: THIS IS NOT THE LATEST VERSION. Please visit the OWASP Top 10 project page to find the latest edition.

««««
Top 10 Introduction
Top 10 Risks
 »»»»

OWASP Top 10 Application Security Risks 2010

[[Top_10_2007-A1|A1-Injection] Injection flaws, such as SQL, OS, and LDAP injection, occur when untrusted data is sent to an interpreter as part of a command or query. The attacker’s hostile data can trick the interpreter into executing unintended commands or accessing unauthorized data.
A2-Cross Site Scripting (XSS)
A3- Broken Authentication and Session Management
A4-Insecure Direct Object References
A5-Cross Site Request Forgery (CSRF)
A6-Security Misconfiguration
A7-Failure to Restrict URL Access
A8-Unvalidated Redirects and Forwards
A9-Insecure Cryptographic Storage
A10-Insufficient Transport Layer Protection


««««
Top 10 Introduction
Top 10 Risks
 »»»»
© 2002-2010 OWASP Foundation This document is licensed under the Creative Commons Attribution-ShareAlike 3.0 license. Some rights reserved. CC-by-sa-3 0-88x31.png
Retrieved from "https://wiki.owasp.org/index.php?title=Top_10_2010-Main&oldid=81500"