M1: Weak Server Side Controls
|
M1: Improper Platform Usage
|
M2: Insecure Data Storage
|
M2: Insecure Data Storage
|
M3: Insufficient Transport Layer Protection
|
M3: Insecure Communication
|
M4: Unintended Data Leakage
|
M4: Insecure Authentication
|
M5: Poor Authorization and Authentication
|
M5: Insufficient Cryptography
|
|
M6: Insecure Authorization
|
M7: Client Side Injection
|
|
M8: Security Decisions Via Untrusted Inputs
|
|
M9: Improper Session Handling
|
|
M10: Lack of Binary Protections
|
M10: Extraneous Functionality
|