Welcome to the OWASP Top Ten Project - if you're looking for the OWASP Top 10 Mobile Click Here
The OWASP Top 10 for 2013 is now officially released as of June 12, 2013.
Here is the OWASP Top 10 2013 - PDF document.
And the wiki version of the Top 10 for 2013 is here. Note: The wiki currently contains the content from the release candidate. It will take us up to a week to update the wiki version to match the final release.
This version was updated based on numerous comments received during the comment period after the release candidate was released in Feb. 2013.
The OWASP Top 10 - 2013 is as follows:
A1 Injection
A2 Broken Authentication and Session Management
A3 Cross-Site Scripting (XSS)
A4 Insecure Direct Object References
A5 Security Misconfiguration
A6 Sensitive Data Exposure
A7 Missing Function Level Access Control
A8 Cross-Site Request Forgery (CSRF)
A9 Using Known Vulnerable Components
A10 Unvalidated Redirects and Forwards
read and access additional info here.....https://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project
The OWASP Top 10 for 2013 is now officially released as of June 12, 2013.
Here is the OWASP Top 10 2013 - PDF document.
And the wiki version of the Top 10 for 2013 is here. Note: The wiki currently contains the content from the release candidate. It will take us up to a week to update the wiki version to match the final release.
This version was updated based on numerous comments received during the comment period after the release candidate was released in Feb. 2013.
The OWASP Top 10 - 2013 is as follows:
A1 Injection
A2 Broken Authentication and Session Management
A3 Cross-Site Scripting (XSS)
A4 Insecure Direct Object References
A5 Security Misconfiguration
A6 Sensitive Data Exposure
A7 Missing Function Level Access Control
A8 Cross-Site Request Forgery (CSRF)
A9 Using Known Vulnerable Components
A10 Unvalidated Redirects and Forwards
read and access additional info here.....https://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project