Common Vulnerabilities
On January 13, 2003, The Open Web Application Security Project (OWASP, for short), an open source project dedicated to development of secure Web applications and Web services, published a report titled OWASP Top Ten Web Application Security Vulnerabilities, listing the top ten critical vulnerabilities for Web applications. This list is reproduced in Table 9-2. The complete report is also available online at OWASP homepage http://www.owasp.org and is complementary to our brief coverage here.
Vulnerability | Brief Description | |
---|---|---|
A1 | Unvalidated Parameters | Information from Web requests is not validated before being used by a Web application. Attackers can use these flaws to attack backend ... |
Get J2EE™ Security for Servlets, EJBs and Web Services: Applying Theory and Standards to Practice now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.