Weaknesses in OWASP Top Ten (2013)

A view in the Common Weakness Enumeration published by The MITRE Corporation.


Objective

Views in the Common Weakness Enumeration (CWE) represent one perspective with which to consider a set of weaknesses.

CWE nodes in this view (graph) are associated with the OWASP Top Ten, as released in 2013. This view is considered obsolete as a newer version of the OWASP Top Ten is available.

Target Audience

Educators

Since the OWASP Top Ten covers the most frequently encountered issues, this view can be used by educators as training material for students.

Product Customers

This view outlines the most important issues as identified by the OWASP Top Ten (2013 version), providing customers with a way of asking their software developers to follow minimum expectations for secure code.

Software Developers

This view outlines the most important issues as identified by the OWASP Top Ten (2013 version), providing a good starting point for web application developers who want to code more securely.

Categories

Deprecated or Obsolete

OWASP Top Ten 2013 Category A1 - Injection

Weaknesses in this category are related to the A1 category in the OWASP Top Ten 2013.

OWASP Top Ten 2013 Category A2 - Broken Authentication and Session Management

Weaknesses in this category are related to the A2 category in the OWASP Top Ten 2013.

OWASP Top Ten 2013 Category A3 - Cross-Site Scripting (XSS)

Weaknesses in this category are related to the A3 category in the OWASP Top Ten 2013.

OWASP Top Ten 2013 Category A4 - Insecure Direct Object References

Weaknesses in this category are related to the A4 category in the OWASP Top Ten 2013.

OWASP Top Ten 2013 Category A5 - Security Misconfiguration

Weaknesses in this category are related to the A5 category in the OWASP Top Ten 2013.

OWASP Top Ten 2013 Category A6 - Sensitive Data Exposure

Weaknesses in this category are related to the A6 category in the OWASP Top Ten 2013.

OWASP Top Ten 2013 Category A7 - Missing Function Level Access Control

Weaknesses in this category are related to the A7 category in the OWASP Top Ten 2013.

OWASP Top Ten 2013 Category A8 - Cross-Site Request Forgery (CSRF)

Weaknesses in this category are related to the A8 category in the OWASP Top Ten 2013.

OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities

Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.

OWASP Top Ten 2013 Category A10 - Unvalidated Redirects and Forwards

Weaknesses in this category are related to the A10 category in the OWASP Top Ten 2013.

See Also

  1. Top 10 2013

Common Weakness Enumeration content on this website is copyright of The MITRE Corporation unless otherwise specified. Use of the Common Weakness Enumeration and the associated references on this website are subject to the Terms of Use as specified by The MITRE Corporation.