Security Vulnerability Guide
This section lists important vulnerabilities applicable to modern API-driven applications.
OWASP API Top 10
OWASP Web Top 10
- Server Side Request Forgery
This section lists issues that relate to API security and resilience but cannot be categorized purely as security vulnerabilities.
- API Schema Non Conformance
- Unexpected 5XX Server Errors
- Undocumented Response Codes
- Inadequate Response Headers
- Incorrect Response Content Types
- Incorrect Response Body
Baseline Security Controls are a minimum set of foundational controls that APIs should implement. These are based on security best practices.
This section lists vulnerabilities that arise from violations of these security controls. A number of these issues are applicable to OWASP API A7.