[Owasp-topten] SANS mention

Jeff Williams @ Aspect jeff.williams at aspectsecurity.com
Wed Jan 15 15:32:19 EST 2003


SANS mentions the top ten in their newsletter.  Certainly XSS is novel to web apps.

 --13 & 14 January 2003 Web Application Security Problems
The Open Web Application Security Project (OWASP) has listed what its
members feel are the most pressing web application security problems;
these include unvalidated parameters, broken access control and
cross-site scripting flaws.
http://www.gcn.com/vol1_no1/daily-updates/20862-1.html
http://www.theage.com.au/articles/2003/01/14/1041990273503.html
http://www.owasp.org/
[Editor's Note (Murray): These are not novel; they did not originate
with web applications. They were identified and enumerated decades
ago. We simply fail to teach them.]

--Jeff
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.owasp.org/pipermail/owasp-topten/attachments/20030115/6330edbf/attachment.html 


More information about the Owasp-topten mailing list