Top 10 list of web application vulnerabilities released

Companies wanting to better secure their web applications and services can start the process by reviewing the newly released Top 10 list of critical web application security problems recently disseminated by the Open Web Application Security Project (OWASP).

The list, now in its second year, is organized into the types of vulnerabilities that frequently occur in web applications and is in line with the current draft web security definitions that will be incorporated into the soon-to-be-released OASIS WAS XML standard. This year's Top 10 also has a new category for web application denial of service vulnerabilities, which have become more prevalent during the last 12 months.

The categories in this year's Top 10 are Unvalidated Input, Broken Access Control, Broken Authentication and Session Management, Cross Site Scripting Flaws, Buffer Overflows, Injection Flaws, Improper Error Handling, Insecure Storage, Denial of Service, and Insecure Configuration Management.

The complete Top 10 report is available for download at www.owasp.org

M365 portal buckling as demand for Copilot refunds soar

DVA trials ChatGPT-based tool with 300 staff

Microsoft launches 'superintelligence' team

In pictures: The 2025 iTnews Benchmark Security Awards winners

NAB hits milestone with tech role insourcing

Top 10 list of web application vulnerabilities released

Companies wanting to better secure their web applications and services can start the process by reviewing the newly released Top 10 list of critical web application security problems recently disseminated by the Open Web Application Security Project (OWASP).

Partner Content

Sponsored Whitepapers

Events

Most Read Articles

The BoM has finally tamed SSL

Scores of Australian Cisco devices remain BADCANDY infected

US prosecutors say cyber security pros ran cybercrime operation

Tasmanian gov agencies impacted by cyber attack

Most popular tech stories

ABC drops Salesforce for Braze

Westpac Intelligence Layer breaks cover

Suncorp creates a "clear execution roadmap" for agentic AI

Uniting uses GenAI to cut admin burden for frontline care workers

Qantas' digital and customer head steps down

HamiltonJet partners with digital services provider Fortude

SentinelOne signs distribution agreement with Sektor

Rapid7’s new SIEM combines exposure management with threat detection

The techpartner.news podcast, episode 3: Why security consultancy founder Kat McCrabb started with the hard stuff

Bluechip Infotech enters final stage of Goodson Imports acquisition

Blackberry celebrates "giant step forward"

Photos: Australian industry explores data for net zero

Telstra Purple acquires IoT specialists Alliance Automation, Aqura Technologies

'Touch-free' smartphone controlled with head movements

Photos: The 2024 IoT Awards winners

M365 portal buckling as demand for Copilot refunds soar

DVA trials ChatGPT-based tool with 300 staff

Microsoft launches 'superintelligence' team

In pictures: The 2025 iTnews Benchmark Security Awards winners

NAB hits milestone with tech role insourcing

Top 10 list of web application vulnerabilities released

Companies wanting to better secure their web applications and services can start the process by reviewing the newly released Top 10 list of critical web application security problems recently disseminated by the Open Web Application Security Project (OWASP).

Partner Content

Sponsored Whitepapers

Events

Most Read Articles

The BoM has finally tamed SSL

Scores of Australian Cisco devices remain BADCANDY infected

US prosecutors say cyber security pros ran cybercrime operation

Tasmanian gov agencies impacted by cyber attack

Most popular tech stories

ABC drops Salesforce for Braze

Westpac Intelligence Layer breaks cover

Suncorp creates a "clear execution roadmap" for agentic AI

Uniting uses GenAI to cut admin burden for frontline care workers

Qantas' digital and customer head steps down

HamiltonJet partners with digital services provider Fortude

SentinelOne signs distribution agreement with Sektor

Rapid7’s new SIEM combines exposure management with threat detection

The techpartner.news podcast, episode 3: Why security consultancy founder Kat McCrabb started with the hard stuff

Bluechip Infotech enters final stage of Goodson Imports acquisition

Blackberry celebrates "giant step forward"

Photos: Australian industry explores data for net zero

Telstra Purple acquires IoT specialists Alliance Automation, Aqura Technologies

'Touch-free' smartphone controlled with head movements

Photos: The 2024 IoT Awards winners

Log In