Resource: OWASP Top 10
According to Wikipedia, the OWASP Top 10 List of Web Application Security Risks aims to raise awareness about application security by identifying some of the most critical risks facing organizations. Many standards, books, tools, and organizations reference the Top 10 project, including MITRE, PCI-DSS, Defense Information Systems Agency (DISA–STIG), the United States Federal Trade Commission (FTC), and many more.