1 Reply Latest reply on Nov 28, 2014 10:31 AM by gulam samdani

    OWASP secuirty for JSF2.2

    gulam samdani Expert

      is JSF2.2 by default owasp supported ?


          if not , which security need customize/optimized  for JSF based webapp ?


         OWASP security -----------------------------


         A1 – Injection

         A2 – Broken Authentication and Session Management

         A3 – Cross-Site Scripting (XSS)

         A4 – Insecure Direct Object References

         A5 – Security Misconfiguration

         A6 – Sensitive Data Exposure

         A7 – Missing Function Level Access Control

         A8 – Cross-Site Request Forgery (CSRF)

         A9 – Using Known Vulnerable Components

         A10 – Unvalidated Redirects and Forwards