OWASP top 10

*Valve - Injection
*Starwood - Insufficient Monitoring
*Uber - Broken Authentication
*Vanilla Forums - Insecure Deserialisation
In September 2018, a researcher on HackerOne identified an insecure deserialisation vulnerability
on Vanilla Forums, which allowed a determined attacker to achieve remote code execution