Tag: owasp-top10 — Code Glossary - CodeClarityLab

Browse by Category

+ added · ✎ updated 7d

⚖ Terms of Use

Sort A → Z Recently Added Recently Updated Difficulty Most Viewed Most Rated Most Shared

Level All Beginner Intermediate Advanced Tag: owasp-top10 ✕

A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Client-Side Template Injection (CSTI)

Attacker-controlled input rendered as a template expression by a client-side framework (AngularJS, Vue, Handlebars), executing JavaScript in the victim's browser.

CWE-1336 OWASP A3:2021

1w ago security advanced 7.5

Business Logic Vulnerability

Flaws in application workflow allow attackers to abuse legitimate features in unintended ways.

CWE-840 OWASP A4:2021

2mo ago security advanced 7.5

Insecure Deserialization PHP 5.0+

Untrusted data passed to unserialize() can trigger PHP magic methods and lead to remote code execution.

CWE-502 OWASP A8:2021

2mo ago security advanced 9.8

Diagram: Server-Side Request Forgery (SSRF)

Server-Side Request Forgery (SSRF) PHP 5.0+

The server is tricked into making HTTP requests to internal or unintended destinations on behalf of the attacker.

CWE-918 OWASP A10:2021

2mo ago security advanced 8.6

XML External Entity (XXE) PHP 5.0+

A vulnerable XML parser processes external entity references, letting attackers read local files or trigger SSRF.

CWE-611 OWASP A5:2021

2mo ago security advanced 8.2

✓ schema.org compliant