Weaknesses in OWASP Top Ten (2004)
|ID: 711||Date: (C)2012-05-14 (M)2012-11-08|
|Type: view||Status: INCOMPLETE|
This view outlines the most important issues as identified by the
OWASP Top Ten (2004 version), providing a good starting point for web
application developers who want to code more securely, as well as
complying with PCI DSS 1.1.
CWE nodes in this view (graph) are associated with the OWASP Top Ten, as
released in 2004, and as required for compliance with PCI DSS version
RelationshipsCWE relationships for this view were obtained by examining the OWASP
document and mapping to any items that were specifically mentioned within
the text of a category. As a result, this mapping is not complete with
respect to all of CWE. In addition, some concepts were mentioned in multiple
Top Ten items, which caused them to be mapped to multiple CWE categories.
For example, SQL injection is mentioned in both A1 (CWE-722) and A6
|CWE-711 HasMember CWE-731 ||Category ||7 || |
White Box Definitions None
Black Box Definitions None
- .Top 10 2004. OWASP. 2004-01-27.
- PCI Security Standards Council .About the PCI Data Security Standard (PCI