Security Vulnerabilities Back
This chapter mainly focuses on vulnerabilities in web applications, and to note some common cases around them with their solutions at the same time. To make the knowledge more reliable, I have referred to some well known security communities like OWASP, CVE, etc.
In order to bring awareness to what threatens the integrity of websites, I would like to start a series of post on the OWASP top 10 security risks firstly:
- Broken Authentication
- Sensitive Data Exposure
- XML External Entities (XXE)
- Broken Access control
- Security misconfigurations
- Cross Site Scripting (XSS)
- Insecure Deserialization
- Using Components with known vulnerabilities
- Insufficient logging and monitoring
Such a list should be updated every three to four years by OWASP, and the last released year is 2019.