Skip to main content

OWASP updates top 10 vulnerability ranking for first time since 2017

posted onSeptember 15, 2021
by l33tdawg
ZDNet
Credit: ZDNet

Nonprofit foundation Open Web Application Security Project (OWASP) has released an updated draft of its ranking of the top 10 vulnerabilities, the first changes to the list since November 2017.

The new list features considerable changes, including the emergence of Broken Access Control, which moved from fifth on the list to number 1. The organization said 94% of applications have been tested for some form of broken access control and "the 34 CWEs mapped to Broken Access Control had more occurrences in applications than any other category."

Cryptographic Failures also moved up the list to number 2 due to its connection to sensitive data exposure and system compromise. Injection moved down to the third spot but OWASP noted that 94% of the applications were tested for some form of injection, which now includes cross-site scripting.

Source

Tags

Security

You May Also Like

Recent News

Tuesday, November 19th

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th