Posts tagged "Application security"

A list of the top 10 most critical Web application security problems

The list includes the following:

Unvalidated parameters: Information from Web requests isn’t validated before the Web application uses it. Attackers can use these flaws to attack backend components through a Web application.

Broken access control: Organizations fail to enforce restrictions on what authenticated users are allowed to do. Attackers can exploit these flaws to access other users’ accounts, view sensitive files, or use unauthorized functions.

Broken account and session management: Account credentials and session tokens aren’t properly protected. Attackers who can compromise passwords, keys, session cookies, or other tokens can defeat authentication restrictions and assume other users’ [...]

Posted by Ashish - May 16, 2008 at 5:56 am

Categories: Concept, Internet Security, Security Testing