MITRE has released a list of the top 25 most common and dangerous weaknesses plaguing software. The organization scored each weakness based on both severity and prevalence using Common Vulnerabilities and Exposures (CVE) data from 2018 and 2019 from the National Vulnerability Database. Cross-site scripting (XSS) tops the list. The list is designed to provide insight to the community at large into the most critical and current software security weaknesses, MITRE says. The weaknesses listed in MITRE’s 2020 CWE Top 25 are dangerous because attackers can potentially take full control of vulnerable systems, steal sensitive data.
Source: https://www.bleepingcomputer.com/news/security/mitre-shares-this-years-top-25-most-dangerous-software-bugs/