Risk
A8:2017 – Insecure Deserialization of the OWASP Top 10 Application Security Risks – 2017 states that “Insecure deserialization often leads to remote code execution. Even if deserialization flaws do not result in remote code execution, they can be used to perform attacks, including replay attacks, injection attacks, and privilege escalation attacks.”
What is the OWASP Top 10 2017?
The OWASP Top 10 is a standard awareness document for developers and web application security. It represents a broad consensus about the most critical security risks to web applications. Globally recognized by developers as the first step towards more secure coding.
Reference: