Weaknesses in OWASP Top Ten (2007)

A view in the Common Weakness Enumeration published by The MITRE Corporation.


Objective

Views in the Common Weakness Enumeration (CWE) represent one perspective with which to consider a set of weaknesses.

CWE nodes in this view (graph) are associated with the OWASP Top Ten, as released in 2007. This view is considered obsolete as a newer version of the OWASP Top Ten is available.

Target Audience

Educators

Since the OWASP Top Ten covers the most frequently encountered issues, this view can be used by educators as training material for students.

Product Customers

This view outlines the most important issues as identified by the OWASP Top Ten (2007 version), providing customers with a way of asking their software developers to follow minimum expectations for secure code.

Software Developers

This view outlines the most important issues as identified by the OWASP Top Ten (2007 version), providing a good starting point for web application developers who want to code more securely.

Categories

Deprecated or Obsolete

OWASP Top Ten 2007 Category A1 - Cross Site Scripting (XSS)

Weaknesses in this category are related to the A1 category in the OWASP Top Ten 2007.

OWASP Top Ten 2007 Category A2 - Injection Flaws

Weaknesses in this category are related to the A2 category in the OWASP Top Ten 2007.

OWASP Top Ten 2007 Category A3 - Malicious File Execution

Weaknesses in this category are related to the A3 category in the OWASP Top Ten 2007.

OWASP Top Ten 2007 Category A4 - Insecure Direct Object Reference

Weaknesses in this category are related to the A4 category in the OWASP Top Ten 2007.

OWASP Top Ten 2007 Category A5 - Cross Site Request Forgery (CSRF)

Weaknesses in this category are related to the A5 category in the OWASP Top Ten 2007.

OWASP Top Ten 2007 Category A6 - Information Leakage and Improper Error Handling

Weaknesses in this category are related to the A6 category in the OWASP Top Ten 2007.

OWASP Top Ten 2007 Category A7 - Broken Authentication and Session Management

Weaknesses in this category are related to the A7 category in the OWASP Top Ten 2007.

OWASP Top Ten 2007 Category A8 - Insecure Cryptographic Storage

Weaknesses in this category are related to the A8 category in the OWASP Top Ten 2007.

OWASP Top Ten 2007 Category A9 - Insecure Communications

Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2007.

OWASP Top Ten 2007 Category A10 - Failure to Restrict URL Access

Weaknesses in this category are related to the A10 category in the OWASP Top Ten 2007.

See Also

  1. Top 10 2007

Common Weakness Enumeration content on this website is copyright of The MITRE Corporation unless otherwise specified. Use of the Common Weakness Enumeration and the associated references on this website are subject to the Terms of Use as specified by The MITRE Corporation.