OWASP-ID,OWASP Name,NIST-ID,Rev,NIST Name A1,Injection,SI-10,4,Information Input Validation A2,Broken Authentication,SC-23,4,Session Authenticity A3,Sensitive Data Exposure,SI-11,4,Error Handling A4,XML External Entities (XXE),SI-10,4,Information Input Validation A5,Broken Access Control,AC-3,4,Access Enforcement A6,Security Misconfiguration,CM-6,4,Configuration Settings A7,Cross-Site Scripting (XSS),SI-10,4,Information Input Validation A8,Insecure Deserialization,SC-23,4,Session Authenticity A9,Using Components with Known Vulnerabilities,SI-2,4,Flaw Remediation A10,Insufficient Logging&Monitoring,AU-12,4,Audit Generation