Web Application Vulnerabilities (OWASP Top 10)
The OWASP Top 10 lists the most critical security risks for web applications. This lesson dives into SQL injection, XSS, CSRF, broken authentication, and insecure direct object references — with live examples.
```python
# VULNERABLE: string formatting
query = f"SELECT * FROM users WHERE email = '{user_input}'"

# SAFE: parameterised query (psycopg2)
cur.execute('SELECT * FROM users WHERE email = %s', (user_input,))
```
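The difference between the two patterns above can be checked as a regression test. This is an added example, not part of the original lesson: it assumes the standard-library `sqlite3` driver with an in-memory database so it runs offline (its placeholder is `?` where psycopg2 uses `%s`), and the table contents, function names and test inputs are constructed for illustration.

```python
import sqlite3

def make_db():
    # Constructed sample data in an in-memory database.
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, email TEXT)")
    conn.executemany(
        "INSERT INTO users (email) VALUES (?)",
        [("alice@example.com",), ("bob@example.com",), ("o'neil@example.com",)],
    )
    return conn

def lookup_formatted(conn, user_input):
    # VULNERABLE (same pattern as the lesson): input becomes part of the SQL text.
    query = f"SELECT email FROM users WHERE email = '{user_input}'"
    return [row[0] for row in conn.execute(query)]

def lookup_parameterised(conn, user_input):
    # SAFE: the driver binds the value separately; it is never parsed as SQL.
    cur = conn.execute("SELECT email FROM users WHERE email = ?", (user_input,))
    return [row[0] for row in cur]

# Constructed test inputs.
BENIGN = "alice@example.com"
APOSTROPHE = "o'neil@example.com"            # legitimate value containing a quote
TAUTOLOGY = "nobody@example.com' OR '1'='1"  # input that carries SQL syntax

def compare(conn, value):
    # Run both lookups; report a driver error instead of raising it.
    results = {}
    for name, fn in (("formatted", lookup_formatted),
                     ("parameterised", lookup_parameterised)):
        try:
            results[name] = fn(conn, value)
        except sqlite3.Error as exc:
            results[name] = f"error: {exc.__class__.__name__}"
    return results

if __name__ == "__main__":
    db = make_db()
    for label, value in (("benign", BENIGN), ("apostrophe", APOSTROPHE),
                         ("tautology", TAUTOLOGY)):
        print(label, compare(db, value))
```

The formatted query fails in two ways: a legitimate address containing an apostrophe breaks the statement, and input carrying SQL syntax changes which rows match. The parameterised query returns only exact matches in both cases.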