published
updated
:▝▒▜▟:
The difference between Broken Authention and Broken Access controls is that authentication allows you to assume someone else's identity or account, where as the access controls allow you to access things you shouldn't be able to under your current identity.
Top 10 insecurities
Injections Cross Site Scripting (XSS) XML External Entities (XEE) Broken Authentication Broken Access Controls Security Misconfiguration Insecure Deserialization Using components with Known Vulns Sensitive Data Exposure Insufficient Logging