Security terms
Defending code from the threats that never sleep
Security vulnerabilities do not announce themselves — they wait quietly in code that looks perfectly fine on the surface. This category covers attack vectors, defensive techniques, secure coding practices, and the mental models that help you think like an attacker before one finds you. From SQL injection and XSS to authentication flaws and cryptographic pitfalls, understanding these terms is not optional — it is professional responsibility.
OAuth 2.0
An authorisation framework that lets users grant third-party applications limited access to their resources without sharing passwords — using short-lived access tokens issued via defined flows for different client types.
CWE-287 OWASP A7:2021
security intermediate
OWASP API Security Top 10
The OWASP API Security Top 10 lists the most critical API vulnerabilities — a separate list from the web application Top 10, covering risks specific to REST, GraphQL, and other API surfaces such as broken object-level authorisation and unrestricted resource consumption.
security intermediate
Object Cloning & Security Implications PHP 5.0+
The clone keyword creates a shallow copy: nested objects remain shared references between the original and the copy. Implement __clone() to deep-copy them, and audit which sensitive state (credentials, session data, resource handles) gets duplicated.
security intermediate
Misimplemented OAuth flows expose applications to CSRF, token theft, open redirects, and account takeover.
CWE-287 OWASP A2:2021
security advanced
8.1
Open Redirect PHP 5.0+
A redirect destination taken from user input can send victims to attacker-controlled sites, enabling phishing.
CWE-601 OWASP A1:2021
security beginner
6.1
Open Source Dependency Risk
Third-party packages introduce supply-chain attack surface — malicious code, abandoned maintainers, and known CVEs can all compromise your application.
CWE-1395 OWASP A6:2021
security intermediate
open_basedir Restriction PHP 4.0+
A PHP INI directive that restricts file operations to a specified directory tree, limiting the blast radius of path traversal and LFI attacks.
CWE-22 OWASP A5:2021
security intermediate
OWASP Top 10 PHP 5.0+
The ten most critical web application security risk categories, published by OWASP and updated periodically.
security beginner