Web Application Vulnerabilities and the Damage They Can Cause
The obvious risks to a security breach are that unauthorized individuals: 1) can gain access to restricted information and 2) may be able to escalate their privileges in order to compromise the application and the entire application environment. The areas that can be compromised include user and system administration accounts.
This chapter identifies the major classes of web application vulnerabilities, gives some examples of actual vulnerabilities found in real-life web application audits, and describes their associated level of risk. The classes are: