1 Reply Latest reply on Nov 28, 2014 10:31 AM by Gulam Samdani

    OWASP secuirty for JSF2.2

    Gulam Samdani Expert

      is JSF2.2 by default owasp supported ?

       

          if not , which security need customize/optimized  for JSF based webapp ?

       

         OWASP security -----------------------------

       

         A1 – Injection

         A2 – Broken Authentication and Session Management

         A3 – Cross-Site Scripting (XSS)

         A4 – Insecure Direct Object References

         A5 – Security Misconfiguration

         A6 – Sensitive Data Exposure

         A7 – Missing Function Level Access Control

         A8 – Cross-Site Request Forgery (CSRF)

         A9 – Using Known Vulnerable Components

         A10 – Unvalidated Redirects and Forwards