Cross Site scripting

Identity Theft, Sensitive Information Leakage, …

Hackers can impersonate legitimate users, and control their accounts.

Injection Flaws

Attacker can manipulate queries to the DB / LDAP / Other system

Hackers can access backend database information, alter it or steal it.

Malicious File Execution

Execute shell commands on server, up to full control

Site modified to transfer all interactions to the hacker.

Insecure Direct Object Reference

Attacker can access sensitive files and resources

Web application returns contents of sensitive file (instead of harmless one)

Cross-Site Request Forgery

Attacker can invoke “blind” actions on web applications, impersonating as a trusted user

Blind requests to bank account transfer money to hacker

Information Leakage and Improper Error Handling

Attackers can gain detailed system information

Malicious system reconnaissance may assist in developing further attacks

Broken Authentication & Session Management

Session tokens not guarded or invalidated properly

Hacker can “force” session token on victim; session tokens can be stolen after logout

Insecure Cryptographic Storage

Weak encryption techniques may lead to broken encryption

Confidential information (SSN, Credit Cards) can be decrypted by malicious users

Insecure Communications

Sensitive info sent unencrypted over insecure channel

Unencrypted credentials “sniffed” and used by hacker to impersonate user

Failure to Restrict URL Access

Hacker can access unauthorized resources

Hacker can forcefully browse and access a page past the login page