The Open Web Application Security Project has updated its widely used, if somewhat disputed, ranking of top Web application security vulnerabilities. OWASP’s Top 10 list for 2017 replaces three vulnerability categories from the previous list with new ones and shuffles a couple of others around. Cross-site scripting errors, which ranked third in 2013, dropped to the seventh spot in this year’s ranking. The list was compiled using community feedback, from data collected from dozens of organizations that specialized in application security and from a survey of more than 500 individuals.”]
Source: https://www.darkreading.com/application-security/new-owasp-top-10-list-includes-three-new-web-vulns