Content is hidden
Broken Authentication and Session Management
Failure to Invalidate Session
Cross-site scripting XSS
Authentication Bypass
Improper Access Control
Cross-Site Request Forgery (CSRF)
SQL Injection
No Rate Limiting on Form