OWASP Top 10 Lists

| # | 2021 | 2017 | 2013 |
|---|------|------|------|
| 1 | Broken Access Control | Injection | Injection |
| 2 | Cryptographic Failures | Broken Authentication | Broken Authentication and Session Management |
| 3 | Injection | Sensitive Data Exposure | Cross-Site Scripting (XSS) |
| 4 | Insecure Design | XML External Entities (XXE) | Insecure Direct Object References |
| 5 | Security Misconfiguration | Broken Access Control | Security Misconfiguration |
| 6 | Vulnerable and Outdated Components | Security Misconfiguration | Sensitive Data Exposure |
| 7 | Identification and Authentication Failures | Cross-Site Scripting (XSS) | Missing Function Level Access Control |
| 8 | Software and Data Integrity Failures | Insecure Deserialization | Cross-Site Request Forgery (CSRF) |
| 9 | Security Logging and Monitoring Failures | Using Components with Known Vulnerabilities | Using Components with Known Vulnerabilities |
| 10 | Server-Side Request Forgery | Insufficient Logging & Monitoring | Unvalidated Redirects and Forwards |

| # | 2010 | 2007 | 2004 |
|---|------|------|------|
| 1 | Injection | Cross-Site Scripting (XSS) | Unvalidated Input |
| 2 | Cross-Site Scripting (XSS) | Injection Flaws | Broken Access Control |
| 3 | Broken Authentication and Session Management | Malicious File Execution | Broken Authentication and Session Management |
| 4 | Insecure Direct Object References | Insecure Direct Object Reference | Cross Site Scripting |
| 5 | Cross-Site Request Forgery (CSRF) | Cross-Site Request Forgery (CSRF) | Buffer Overflow |
| 6 | Security Misconfiguration | Information Leakage and Improper Error Handling | Injection Flaws |
| 7 | Insecure Cryptographic Storage | Broken Authentication and Session Management | Improper Error Handling |
| 8 | Failure to Restrict URL Access | Insecure Cryptographic Storage | Insecure Storage |
| 9 | Insufficient Transport Layer Protection | Insecure Communications | Application Denial of Service |
| 10 | Unvalidated Redirects and Forwards | Failure to Restrict URL Access | Insecure Configuration Management |