This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Template:Top 10 2010:ByTheNumbers"
From OWASP
m (Deleted '_Developer_Edition_De' in Documentation) |
m (Editorial changes (added some spaces)) |
||
| (3 intermediate revisions by 2 users not shown) | |||
| Line 3: | Line 3: | ||
<!--------------------------------------------------------> | <!--------------------------------------------------------> | ||
==='''Usage:''' === | ==='''Usage:''' === | ||
| − | <nowiki>{{Top_10_2010:ByTheNumbers|{{{risk}}}|year={{{year}}}|language={{{language}}} }}</nowiki> | + | <nowiki>{{Top_10_2010:ByTheNumbers|{{{risk}}}|year={{{year}}}|language={{{language}}}|type=<optional type>}}</nowiki><br/><nowiki> <!-- the 'type=short' is opional (used for '+RF') ---></nowiki> |
<br/> | <br/> | ||
=== '''Example:''' === | === '''Example:''' === | ||
<nowiki>{{Top_10_2010:ByTheNumbers|1|language=de|year=2013}} | <nowiki>{{Top_10_2010:ByTheNumbers|1|language=de|year=2013}} | ||
| − | {{Top_10_2010:ByTheNumbers|2|year=2013}} | + | {{Top_10_2010:ByTheNumbers|2|year=2013}} <!-- Default-Language = English ---> |
| − | {{Top_10_2010:ByTheNumbers|2|language=de}} <!-- Default-Year = 2010 ---></nowiki> | + | {{Top_10_2010:ByTheNumbers|2|language=de}} <!-- Default-Year = 2010 ---> |
| + | {{Top_10_2010:ByTheNumbers|9|year=2017|type=short}} <!-- Type = short ---></nowiki> | ||
| + | |||
<br/> | <br/> | ||
{| class="wikitable" cellspacing="1" cellpadding="1" border="1" width="100%;" | {| class="wikitable" cellspacing="1" cellpadding="1" border="1" width="100%;" | ||
| Line 17: | Line 19: | ||
! style="min-width: 24%" |English 2013 | ! style="min-width: 24%" |English 2013 | ||
! style="min-width: 24%" |German 2013 | ! style="min-width: 24%" |German 2013 | ||
| + | ! style="min-width: 24%" |English 2017 | ||
|- | |- | ||
| 1 | | 1 | ||
| Line 23: | Line 26: | ||
| {{Top_10_2010:ByTheNumbers|1|year=2013}} | | {{Top_10_2010:ByTheNumbers|1|year=2013}} | ||
| {{Top_10_2010:ByTheNumbers|1|language=de|year=2013}} | | {{Top_10_2010:ByTheNumbers|1|language=de|year=2013}} | ||
| + | | {{Top_10_2010:ByTheNumbers|1|year=2017}} | ||
| + | |||
|- | |- | ||
| 2 | | 2 | ||
| Line 29: | Line 34: | ||
| {{Top_10_2010:ByTheNumbers|2|year=2013}} | | {{Top_10_2010:ByTheNumbers|2|year=2013}} | ||
| {{Top_10_2010:ByTheNumbers|2|language=de|year=2013}} | | {{Top_10_2010:ByTheNumbers|2|language=de|year=2013}} | ||
| + | | {{Top_10_2010:ByTheNumbers|2|year=2017}} | ||
|- | |- | ||
| 3 | | 3 | ||
| Line 35: | Line 41: | ||
| {{Top_10_2010:ByTheNumbers|3|year=2013}} | | {{Top_10_2010:ByTheNumbers|3|year=2013}} | ||
| {{Top_10_2010:ByTheNumbers|3|language=de|year=2013}} | | {{Top_10_2010:ByTheNumbers|3|language=de|year=2013}} | ||
| + | | {{Top_10_2010:ByTheNumbers|3|year=2017}} | ||
|- | |- | ||
| 4 | | 4 | ||
| Line 41: | Line 48: | ||
| {{Top_10_2010:ByTheNumbers|4|year=2013}} | | {{Top_10_2010:ByTheNumbers|4|year=2013}} | ||
| {{Top_10_2010:ByTheNumbers|4|language=de|year=2013}} | | {{Top_10_2010:ByTheNumbers|4|language=de|year=2013}} | ||
| + | | {{Top_10_2010:ByTheNumbers|4|year=2017}} | ||
|- | |- | ||
| 5 | | 5 | ||
| Line 47: | Line 55: | ||
| {{Top_10_2010:ByTheNumbers|5|year=2013}} | | {{Top_10_2010:ByTheNumbers|5|year=2013}} | ||
| {{Top_10_2010:ByTheNumbers|5|language=de|year=2013}} | | {{Top_10_2010:ByTheNumbers|5|language=de|year=2013}} | ||
| + | | {{Top_10_2010:ByTheNumbers|5|year=2017}} | ||
|- | |- | ||
| 6 | | 6 | ||
| Line 53: | Line 62: | ||
| {{Top_10_2010:ByTheNumbers|6|year=2013}} | | {{Top_10_2010:ByTheNumbers|6|year=2013}} | ||
| {{Top_10_2010:ByTheNumbers|6|language=de|year=2013}} | | {{Top_10_2010:ByTheNumbers|6|language=de|year=2013}} | ||
| + | | {{Top_10_2010:ByTheNumbers|6|year=2017}} | ||
|- | |- | ||
| 7 | | 7 | ||
| Line 59: | Line 69: | ||
| {{Top_10_2010:ByTheNumbers|7|year=2013}} | | {{Top_10_2010:ByTheNumbers|7|year=2013}} | ||
| {{Top_10_2010:ByTheNumbers|7|language=de|year=2013}} | | {{Top_10_2010:ByTheNumbers|7|language=de|year=2013}} | ||
| + | | {{Top_10_2010:ByTheNumbers|7|year=2017}} | ||
|- | |- | ||
| 8 | | 8 | ||
| Line 65: | Line 76: | ||
| {{Top_10_2010:ByTheNumbers|8|year=2013}} | | {{Top_10_2010:ByTheNumbers|8|year=2013}} | ||
| {{Top_10_2010:ByTheNumbers|8|language=de|year=2013}} | | {{Top_10_2010:ByTheNumbers|8|language=de|year=2013}} | ||
| + | | {{Top_10_2010:ByTheNumbers|8|year=2017}} | ||
|- | |- | ||
| 9 | | 9 | ||
| Line 71: | Line 83: | ||
| {{Top_10_2010:ByTheNumbers|9|year=2013}} | | {{Top_10_2010:ByTheNumbers|9|year=2013}} | ||
| {{Top_10_2010:ByTheNumbers|9|language=de|year=2013}} | | {{Top_10_2010:ByTheNumbers|9|language=de|year=2013}} | ||
| + | | {{Top_10_2010:ByTheNumbers|9|year=2017}} (short: {{Top_10_2010:ByTheNumbers|9|year=2017|type=short}}) | ||
|- | |- | ||
| 10 | | 10 | ||
| Line 77: | Line 90: | ||
| {{Top_10_2010:ByTheNumbers|10|year=2013}} | | {{Top_10_2010:ByTheNumbers|10|year=2013}} | ||
| {{Top_10_2010:ByTheNumbers|10|language=de|year=2013}} | | {{Top_10_2010:ByTheNumbers|10|language=de|year=2013}} | ||
| + | | {{Top_10_2010:ByTheNumbers|10|year=2017}} | ||
|- | |- | ||
| 11 | | 11 | ||
| Line 83: | Line 97: | ||
| {{Top_10_2010:ByTheNumbers|11|year=2013}} | | {{Top_10_2010:ByTheNumbers|11|year=2013}} | ||
| {{Top_10_2010:ByTheNumbers|11|language=de|year=2013}} | | {{Top_10_2010:ByTheNumbers|11|language=de|year=2013}} | ||
| + | | {{Top_10_2010:ByTheNumbers|11|year=2017}} | ||
|} | |} | ||
<onlyinclude>{{#switch: {{{year}}} | <onlyinclude>{{#switch: {{{year}}} | ||
| + | | 2017 = | ||
| + | {{#switch: {{{1}}} | ||
| + | | 1={{Top_10:LanguageFile|text=injection|language={{{language}}} }} | ||
| + | | 2={{Top_10:LanguageFile|text=brokenAuth|language={{{language}}} }} | ||
| + | | 3={{Top_10:LanguageFile|text=sensitiveDataExposure|language={{{language}}} }} | ||
| + | | 4={{Top_10:LanguageFile|text=xxe|language={{{language}}} }} | ||
| + | | 5={{Top_10:LanguageFile|text=brokenAccessControl|language={{{language}}} }} | ||
| + | | 6={{Top_10:LanguageFile|text=securityMisconfig|language={{{language}}} }} | ||
| + | | 7={{Top_10:LanguageFile|text=xss|language={{{language}}} }} | ||
| + | | 8={{Top_10:LanguageFile|text=insecureDeserialization|language={{{language}}} }} | ||
| + | | 9={{#switch: {{{type}}} | ||
| + | | short ={{Top_10:LanguageFile|text=vulnComponents|language={{{language}}} }} | ||
| + | | #default={{Top_10:LanguageFile|text=usingVulnerableComponents|language={{{language}}} }} | ||
| + | }} | ||
| + | | 10={{Top_10:LanguageFile|text=insufficientLoggingMonitoring|language={{{language}}} }} | ||
| + | | 11={{Top_10:LanguageFile|text=inProgress|language={{{language}}} }} | ||
| + | }} | ||
| 2013 = | | 2013 = | ||
{{#switch: {{{1}}} | {{#switch: {{{1}}} | ||
Latest revision as of 14:38, 7 January 2018
Usage:
{{Top_10_2010:ByTheNumbers|{{{risk}}}|year={{{year}}}|language={{{language}}}|type=<optional type>}}
<!-- the 'type=short' is opional (used for '+RF') --->
Example:
{{Top_10_2010:ByTheNumbers|1|language=de|year=2013}}
{{Top_10_2010:ByTheNumbers|2|year=2013}} <!-- Default-Language = English --->
{{Top_10_2010:ByTheNumbers|2|language=de}} <!-- Default-Year = 2010 --->
{{Top_10_2010:ByTheNumbers|9|year=2017|type=short}} <!-- Type = short --->
| Number | English 2010 | German 2010 | English 2013 | German 2013 | English 2017 |
|---|---|---|---|---|---|
| 1 | Injection | Injection | Injection | Injection | Injection |
| 2 | Cross-Site Scripting (XSS) | Cross-Site Scripting (XSS) | Broken Authentication and Session Management | Fehler in Authentifizierung und Session-Management | Broken Authentication |
| 3 | Broken Authentication and Session Management | Fehler in Authentifizierung und Session-Management | Cross-Site Scripting (XSS) | Cross-Site Scripting (XSS) | Sensitive Data Exposure |
| 4 | Insecure Direct Object References | Unsichere direkte Objektreferenzen | Insecure Direct Object References | Unsichere direkte Objektreferenzen | XML External Entities (XXE) |
| 5 | Cross-Site Request Forgery (CSRF) | Cross-Site Request Forgery (CSRF) | Security Misconfiguration | Sicherheitsrelevante Fehlkonfiguration | Broken Access Control |
| 6 | Security Misconfiguration | Sicherheitsrelevante Fehlkonfiguration | Sensitive Data Exposure | Verlust der Vertraulichkeit sensibler Daten | Security Misconfiguration |
| 7 | Insecure Cryptographic Storage | Kryptografisch unsichere Speicherung | Missing Function Level Access Control | Fehlerhafte Autorisierung auf Anwendungsebene | Cross-Site Scripting (XSS) |
| 8 | Failure to Restrict URL Access | Mangelhafter URL-Zugriffsschutz | Cross-Site Request Forgery (CSRF) | Cross-Site Request Forgery (CSRF) | Insecure Deserialization |
| 9 | Insufficient Transport Layer Protection | Unzureichende Absicherung der Transportschicht | Using Components with Known Vulnerabilities | Nutzung von Komponenten mit bekannten Schwachstellen | Using Components with Known Vulnerabilities (short: Vulnerable Components) |
| 10 | Unvalidated Redirects and Forwards | Ungeprüfte Um- und Weiterleitungen | Unvalidated Redirects and Forwards | Ungeprüfte Um- und Weiterleitungen | Insufficient Logging&Monitoring |
| 11 | In Progress | In Arbeit | In Progress | In Arbeit | In Progress |
