In this series, I will try to explain the most common attacks on web applications and how to mitigate them. Most web applications handle very sensitive personal or business data, such as passwords, emails, phone numbers, and card information. Being exposed to the public, web applications naturally have a large attack surface and may include features with a large number of potentially vulnerable elements.

What are the most common vulnerabilities in a web application?

  1. Injection
  2. Broken Authentication
  3. Sensitive Data Exposure
  4. XML External Entities (XXE)
  5. Broken Access Control
  6. Security Misconfiguration
  7. Cross-Site Scripting (XSS)
  8. Insecure Deserialization
  9. Using Components with Known Vulnerabilities
  10. Insufficient Logging and Monitoring

Let's deep dive into all these…


I have been working as a software developer for more than 9 years. Reviewing team members' code is one of the tasks that I perform on a daily basis. Since I am one of the senior developers within our teams, team members expect it to be correct and do not require code reviews. But I feel there are always possibilities for improvement. And there is always a better way.

For some developers, it can sometimes be daunting to review team members' code, especially if that person has more experience, expertise or seniority than you do. But don’t be afraid! …

Purushottam Prajapati

Full stack developer, Principal Engineer, Software Architect
