The Open Web Application Security Project (OWASP) is a 501c3 not-for-profit worldwide charitable organization focused on improving the security of application software. Every year they publish a list of "top-10" security vulnerabilities in web applications. Due to their position as an independent authority many organizations use this as a base on which to validate how secure their applications are. The DNN Security team regularly review any changes in the OWASP top 10 list and ensure that we have adequate auditing, automated scanning and continuous integration checks to ensure that we are compliant.
OWASP Top 10
The current (and previous) top-10 list can be found here
. OWASP do not update the list every year, but as they do this wiki page will continue to expand to cover any newly published lists and detail how DNN protects against these issues
The following is a list of pages which contain analysis of recently published OWASP top 10 lists.