CWE nodes in this view (graph) are associated with the OWASP Top Ten, as released in 2010. This view is considered obsolete as a newer version of the OWASP Top Ten is available.
This view outlines the most important issues as identified by the OWASP Top Ten (2010 version), providing a good starting point for web application developers who want to code more securely.
This view outlines the most important issues as identified by the OWASP Top Ten (2010 version), providing customers with a way of asking their software developers to follow minimum expectations for secure code.
Since the OWASP Top Ten covers the most frequently encountered issues, this view can be used by educators as training material for students.
| ID | Name |
|---|---|
| CWE-810 | OWASP Top Ten 2010 Category A1 - Injection |
| CWE-811 | OWASP Top Ten 2010 Category A2 - Cross-Site Scripting (XSS) |
| CWE-812 | OWASP Top Ten 2010 Category A3 - Broken Authentication and Session Management |
| CWE-813 | OWASP Top Ten 2010 Category A4 - Insecure Direct Object References |
| CWE-814 | OWASP Top Ten 2010 Category A5 - Cross-Site Request Forgery (CSRF) |
| CWE-815 | OWASP Top Ten 2010 Category A6 - Security Misconfiguration |
| CWE-816 | OWASP Top Ten 2010 Category A7 - Insecure Cryptographic Storage |
| CWE-817 | OWASP Top Ten 2010 Category A8 - Failure to Restrict URL Access |
| CWE-818 | OWASP Top Ten 2010 Category A9 - Insufficient Transport Layer Protection |
| CWE-819 | OWASP Top Ten 2010 Category A10 - Unvalidated Redirects and Forwards |
The relationships in this view are a direct extraction of the CWE mappings that are in the 2010 OWASP document. CWE has changed since the release of that document.