[Owasp-leaders] OWASP Top 10 Inconsistencies

Dave Wichers dave.wichers at owasp.org
Mon Apr 26 21:53:40 EDT 2010

Right. Thanks for pointing this out. The wiki version was started based on
the RC and the ordering wasn't updated to match the final release and I
didn't catch that. Good catch!!


I will have Neil fix this right away. I already told the WASC guys that it
was reordered and they know that, so hopefully their document will be
updated soon.


Thanks, Dave


From: owasp-leaders-bounces at lists.owasp.org
[mailto:owasp-leaders-bounces at lists.owasp.org] On Behalf Of Mandeep Khera
Sent: Monday, April 26, 2010 8:34 PM
To: owasp-leaders at lists.owasp.org
Cc: Mandeep Khera
Subject: [Owasp-leaders] OWASP Top 10 Inconsistencies


Dear all 


As we were going through the Top 10 categories, I noticed some
inconsistencies in the OWASP documents that might cause some confusion and
we should fix. 


So, the pdf and the main page -
http://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project#tab=Main with
the high level categories match fine.  


However, when you go to the wiki page -
http://www.owasp.org/index.php/Top_10_2010-Main  - the top 10 risk
categories are the same but the reference numbers of A7 through A10 are
inconsistent.  On the wiki page, A7 should be A8, A8 should be A10, A9
should be A7, and A10 should be A9 to make it consistent with the other


Also, the mapping done by the WASC is based on this Wiki page and will need
to be fixed as well -





Mandeep Khera


Bay Area Chapter Leader


-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-leaders/attachments/20100426/6767f1ec/attachment.html 

More information about the OWASP-Leaders mailing list