This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Template:Top 10 2010:ByTheNumbers"
From OWASP
(Uses now Top_10:LanguageFile) |
|||
| Line 1: | Line 1: | ||
| − | {{#switch: {{{year}}} | + | <!----------------------------------------------------------------------------> |
| + | <!-- Template:Top 10 2010:ByTheNumbers --> | ||
| + | <!----------------------------------------------------------------------------> | ||
| + | ==='''Usage:''' === | ||
| + | <nowiki>{{Top_10_2010_Developer_Edition_De:ByTheNumbers|{{{risk}}}|year={{{year}}}|language={{{language}}} }}</nowiki> | ||
| + | <br/> | ||
| + | === '''Example:''' === | ||
| + | <nowiki>{{Top_10_2010_Developer_Edition_De:ByTheNumbers|1|language=de|year=2013}} | ||
| + | {{Top_10_2010_Developer_Edition_De:ByTheNumbers|2|year=2013}} <!-- Default-Language = English ---> | ||
| + | {{Top_10_2010_Developer_Edition_De:ByTheNumbers|2|language=de}} <!-- Default-Year = 2010 ---></nowiki> | ||
| + | <br/> | ||
| + | {| class="wikitable" cellspacing="1" cellpadding="1" border="1" width="100%;" | ||
| + | |- | ||
| + | ! style="min-width: 12%" |Number | ||
| + | ! style="min-width: 22%" |English 2010 | ||
| + | ! style="min-width: 22%" |German 2010 | ||
| + | ! style="min-width: 22%" |English 2013 | ||
| + | ! style="min-width: 22%" |German 2013 | ||
| + | |- | ||
| + | | 1 | ||
| + | | {{Top_10_2010_Developer_Edition_De:ByTheNumbers|1}} | ||
| + | | {{Top_10_2010_Developer_Edition_De:ByTheNumbers|1|language=de}} | ||
| + | | {{Top_10_2010_Developer_Edition_De:ByTheNumbers|1|year=2013}} | ||
| + | | {{Top_10_2010_Developer_Edition_De:ByTheNumbers|1|language=de|year=2013}} | ||
| + | |- | ||
| + | | 2 | ||
| + | | {{Top_10_2010_Developer_Edition_De:ByTheNumbers|2}} | ||
| + | | {{Top_10_2010_Developer_Edition_De:ByTheNumbers|2|language=de}} | ||
| + | | {{Top_10_2010_Developer_Edition_De:ByTheNumbers|2|year=2013}} | ||
| + | | {{Top_10_2010_Developer_Edition_De:ByTheNumbers|2|language=de|year=2013}} | ||
| + | |- | ||
| + | | 3 | ||
| + | | {{Top_10_2010_Developer_Edition_De:ByTheNumbers|3}} | ||
| + | | {{Top_10_2010_Developer_Edition_De:ByTheNumbers|3|language=de}} | ||
| + | | {{Top_10_2010_Developer_Edition_De:ByTheNumbers|3|year=2013}} | ||
| + | | {{Top_10_2010_Developer_Edition_De:ByTheNumbers|3|language=de|year=2013}} | ||
| + | |- | ||
| + | | 4 | ||
| + | | {{Top_10_2010_Developer_Edition_De:ByTheNumbers|4}} | ||
| + | | {{Top_10_2010_Developer_Edition_De:ByTheNumbers|4|language=de}} | ||
| + | | {{Top_10_2010_Developer_Edition_De:ByTheNumbers|4|year=2013}} | ||
| + | | {{Top_10_2010_Developer_Edition_De:ByTheNumbers|4|language=de|year=2013}} | ||
| + | |- | ||
| + | | 5 | ||
| + | | {{Top_10_2010_Developer_Edition_De:ByTheNumbers|5}} | ||
| + | | {{Top_10_2010_Developer_Edition_De:ByTheNumbers|5|language=de}} | ||
| + | | {{Top_10_2010_Developer_Edition_De:ByTheNumbers|5|year=2013}} | ||
| + | | {{Top_10_2010_Developer_Edition_De:ByTheNumbers|5|language=de|year=2013}} | ||
| + | |- | ||
| + | | 6 | ||
| + | | {{Top_10_2010_Developer_Edition_De:ByTheNumbers|6}} | ||
| + | | {{Top_10_2010_Developer_Edition_De:ByTheNumbers|6|language=de}} | ||
| + | | {{Top_10_2010_Developer_Edition_De:ByTheNumbers|6|year=2013}} | ||
| + | | {{Top_10_2010_Developer_Edition_De:ByTheNumbers|6|language=de|year=2013}} | ||
| + | |- | ||
| + | | 7 | ||
| + | | {{Top_10_2010_Developer_Edition_De:ByTheNumbers|7}} | ||
| + | | {{Top_10_2010_Developer_Edition_De:ByTheNumbers|7|language=de}} | ||
| + | | {{Top_10_2010_Developer_Edition_De:ByTheNumbers|7|year=2013}} | ||
| + | | {{Top_10_2010_Developer_Edition_De:ByTheNumbers|7|language=de|year=2013}} | ||
| + | |- | ||
| + | | 8 | ||
| + | | {{Top_10_2010_Developer_Edition_De:ByTheNumbers|8}} | ||
| + | | {{Top_10_2010_Developer_Edition_De:ByTheNumbers|8|language=de}} | ||
| + | | {{Top_10_2010_Developer_Edition_De:ByTheNumbers|8|year=2013}} | ||
| + | | {{Top_10_2010_Developer_Edition_De:ByTheNumbers|8|language=de|year=2013}} | ||
| + | |- | ||
| + | | 9 | ||
| + | | {{Top_10_2010_Developer_Edition_De:ByTheNumbers|9}} | ||
| + | | {{Top_10_2010_Developer_Edition_De:ByTheNumbers|9|language=de}} | ||
| + | | {{Top_10_2010_Developer_Edition_De:ByTheNumbers|9|year=2013}} | ||
| + | | {{Top_10_2010_Developer_Edition_De:ByTheNumbers|9|language=de|year=2013}} | ||
| + | |- | ||
| + | | 10 | ||
| + | | {{Top_10_2010_Developer_Edition_De:ByTheNumbers|10}} | ||
| + | | {{Top_10_2010_Developer_Edition_De:ByTheNumbers|10|language=de}} | ||
| + | | {{Top_10_2010_Developer_Edition_De:ByTheNumbers|10|year=2013}} | ||
| + | | {{Top_10_2010_Developer_Edition_De:ByTheNumbers|10|language=de|year=2013}} | ||
| + | |- | ||
| + | | 11 | ||
| + | | {{Top_10_2010_Developer_Edition_De:ByTheNumbers|11}} | ||
| + | | {{Top_10_2010_Developer_Edition_De:ByTheNumbers|11|language=de}} | ||
| + | | {{Top_10_2010_Developer_Edition_De:ByTheNumbers|11|year=2013}} | ||
| + | | {{Top_10_2010_Developer_Edition_De:ByTheNumbers|11|language=de|year=2013}} | ||
| + | |} | ||
| + | |||
| + | <onlyinclude>{{#switch: {{{year}}} | ||
| 2013 = | | 2013 = | ||
{{#switch: {{{1}}} | {{#switch: {{{1}}} | ||
| − | | 1= | + | | 1={{Top_10:LanguageFile|text=injection|language={{{language}}} }} |
| − | | 2= | + | | 2={{Top_10:LanguageFile|text=brokenAuthSessionMgmt|language={{{language}}} }} |
| − | | 3= | + | | 3={{Top_10:LanguageFile|text=xss|language={{{language}}} }} |
| − | | 4= | + | | 4={{Top_10:LanguageFile|text=insecureDirectObjectReference|language={{{language}}} }} |
| − | | 5= | + | | 5={{Top_10:LanguageFile|text=securityMisconfig|language={{{language}}} }} |
| − | | 6= | + | | 6={{Top_10:LanguageFile|text=sensitiveDataExposure|language={{{language}}} }} |
| − | | 7= | + | | 7={{Top_10:LanguageFile|text=missingFunctionLevelACL|language={{{language}}} }} |
| − | | 8= | + | | 8={{Top_10:LanguageFile|text=csrf|language={{{language}}} }} |
| − | | 9= | + | | 9={{Top_10:LanguageFile|text=usingVulnerableComponents|language={{{language}}} }} |
| − | | 10= | + | | 10={{Top_10:LanguageFile|text=unvalidatedRedirectsForwards|language={{{language}}} }} |
| − | | 11= | + | | 11={{Top_10:LanguageFile|text=inProgress|language={{{language}}} }} |
| − | + | }} | |
| − | | #default = | + | | #default = |
{{#switch: {{{1}}} | {{#switch: {{{1}}} | ||
| − | | 1= | + | | 1={{Top_10:LanguageFile|text=injection|language={{{language}}} }} |
| − | | 2= | + | | 2={{Top_10:LanguageFile|text=xss|language={{{language}}} }} |
| − | | 3= | + | | 3={{Top_10:LanguageFile|text=brokenAuthSessionMgmt|language={{{language}}} }} |
| − | | 4= | + | | 4={{Top_10:LanguageFile|text=insecureDirectObjectReference|language={{{language}}} }} |
| − | | 5= | + | | 5={{Top_10:LanguageFile|text=csrf|language={{{language}}} }} |
| − | | 6= | + | | 6={{Top_10:LanguageFile|text=securityMisconfig|language={{{language}}} }} |
| − | | 7= | + | | 7={{Top_10:LanguageFile|text=insecureCryptographicStorage|language={{{language}}} }} |
| − | | 8= | + | | 8={{Top_10:LanguageFile|text=failureRestrictUrlAccess|language={{{language}}} }} |
| − | | 9= | + | | 9={{Top_10:LanguageFile|text=insufficientTLProtection|language={{{language}}} }} |
| − | | 10= | + | | 10={{Top_10:LanguageFile|text=unvalidatedRedirectsForwards|language={{{language}}} }} |
| − | | 11= | + | | 11={{Top_10:LanguageFile|text=inProgress|language={{{language}}} }} |
| − | + | }} | |
| − | }} | + | }}</onlyinclude> |
Revision as of 20:59, 13 April 2013
Usage:
{{Top_10_2010_Developer_Edition_De:ByTheNumbers|{{{risk}}}|year={{{year}}}|language={{{language}}} }}
Example:
{{Top_10_2010_Developer_Edition_De:ByTheNumbers|1|language=de|year=2013}}
{{Top_10_2010_Developer_Edition_De:ByTheNumbers|2|year=2013}} <!-- Default-Language = English --->
{{Top_10_2010_Developer_Edition_De:ByTheNumbers|2|language=de}} <!-- Default-Year = 2010 --->
| Number | English 2010 | German 2010 | English 2013 | German 2013 |
|---|---|---|---|---|
| 1 | Injection | Injection | Injection | Injection |
| 2 | Cross-Site Scripting (XSS) | Cross-Site Scripting (XSS) | Broken Authentication and Session Management | Fehler in Authentifizierung und Session-Management |
| 3 | Broken Authentication and Session Management | Fehler in Authentifizierung und Session-Management | Cross-Site Scripting (XSS) | Cross-Site Scripting (XSS) |
| 4 | Insecure Direct Object References | Unsichere direkte Objektreferenzen | Insecure Direct Object References | Unsichere direkte Objektreferenzen |
| 5 | Cross-Site Request Forgery (CSRF) | Cross-Site Request Forgery (CSRF) | Security Misconfiguration | Sicherheitsrelevante Fehlkonfiguration |
| 6 | Security Misconfiguration | Sicherheitsrelevante Fehlkonfiguration | Sensitive Data Exposure | Verlust der Vertraulichkeit sensibler Daten |
| 7 | Insecure Cryptographic Storage | Kryptografisch unsichere Speicherung | Missing Function Level Access Control | Fehlerhafte Autorisierung auf Anwendungsebene |
| 8 | Failure to Restrict URL Access | Mangelhafter URL-Zugriffsschutz | Cross-Site Request Forgery (CSRF) | Cross-Site Request Forgery (CSRF) |
| 9 | Insufficient Transport Layer Protection | Unzureichende Absicherung der Transportschicht | Using Components with Known Vulnerabilities | Nutzung von Komponenten mit bekannten Schwachstellen |
| 10 | Unvalidated Redirects and Forwards | Ungeprüfte Um- und Weiterleitungen | Unvalidated Redirects and Forwards | Ungeprüfte Um- und Weiterleitungen |
| 11 | In Progress | In Arbeit | In Progress | In Arbeit |
