5 Dangerous Web Application Flaws Coveted By Attackers

Session Management Most Common Error

Attackers can take advantage of poorly implemented session management, enabling them to interject themselves as valid website users. Session management vulnerabilities were detected in 80 percent of applications tested in 2012, more than any other application vulnerability class, according to Cenzic. Software security experts at the Open Web Application Security Project say the use of an application framework with built-in session management capabilities is key to developing an application that maintains user actions within unique sessions. The group discourages developers from implementing their own session management.

Get a roundup of CRN's security coverage right to your inbox with the Security Advisor newsletter.