OWASP Top Ten Project 2013

In the forthcoming weeks I’ll address the top ten from the Open Web Application Security Project (OWASP) with Intershop Commerce Management from 2013 as the update of 2016 will take a little bit longer. As soon as the update comes out I’ll make an update.

1. Injection
2. Broken Authentication and Session Management
3. Cross-Site Scripting (XSS)
4. Insecure Direct Object References
5. Security Misconfiguration
6. Sensitive Data Exposure
7. Missing Function Level Access Control
8. Cross-Site Request Forgery (CSRF)
9. Using Components with Known Vulnerabilities
10. Unvalidated Redirects and Forwards