OWASP API Security Top 10
2023The OWASP API Security Top 10 (2023) focuses on the unique security risks that APIs face, beyond traditional web application vulnerabilities.
API1:2023Broken Object Level AuthorizationCriticalAPI2:2023Broken AuthenticationCriticalAPI3:2023Broken Object Property Level AuthorizationHighAPI4:2023Unrestricted Resource ConsumptionHighAPI5:2023Broken Function Level AuthorizationHighAPI6:2023Unrestricted Access to Sensitive Business FlowsHighAPI7:2023Server Side Request ForgeryHighAPI8:2023Security MisconfigurationHighAPI9:2023Improper Inventory ManagementMediumAPI10:2023Unsafe Consumption of APIsMedium