This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit

Top 10 2010-Main

Revision as of 19:34, 13 April 2010 by Neil Smithline (talk | contribs) (Created page with '{{Top_10_2010:TopTemplate|usenext=NextLink|next=-Broken Authentication and Session Management|useprev=PrevLink|prev=-Cross Site Request Forgery|usemain=MainLink|main=}} == OWAS…')

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

NOTE: THIS IS NOT THE LATEST VERSION. Please visit the OWASP Top 10 project page to find the latest edition.

Top 10 Introduction
Top 10 Risks

OWASP Top 10 Application Security Risks 2010


A2-Cross Site Scripting (XSS)

A3- Broken Authentication and Session Management

A4-Insecure Direct Object References

A5-Cross Site Request Forgery (CSRF)

A6-Security Misconfiguration

A7-Failure to Restrict URL Access

A8-Unvalidated Redirects and Forwards

A9-Insecure Cryptographic Storage

A10-Insufficient Transport Layer Protection

Top 10 Introduction
Top 10 Risks

© 2002-2010 OWASP Foundation This document is licensed under the Creative Commons Attribution-ShareAlike 3.0 license. Some rights reserved. CC-by-sa-3 0-88x31.png