OWASP top before 2021
- injection/os injection
- broken authentication
- sensitive data exposure
- xxe
- broken access control
- security misconfiguration
- xss
- insecure deserialization (IDOR)
- component with known vuln
- insufficient logging and monitoring
Β
OWASP 2021
Β