webAppHacking.wiki
:hack:
The difference between Broken Authentication and Broken Access Controls is that broken authentication allows you to assume someone else's identity or account, whereas broken access controls allow you to access things you shouldn't be able to under your current identity.

= Top 10 insecurities =
Injections
Cross Site Scripting ([[XSS]])
XML External Entities (XXE)
Broken Authentication
Broken Access Controls
Security Misconfiguration
Insecure Deserialization
Using components with Known Vulns
Sensitive Data Exposure
Insufficient Logging
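
The distinction between authentication and access control drawn at the top of these notes, as an added example that is not part of the original notes: `authenticate` establishes who the caller is, and the ownership check in `get_invoice` decides what that identity may read. The session tokens, invoice records and all function names are constructed for illustration.

```python
import hmac

# Constructed sample data (not from the original notes).
SESSIONS = {"tok-alice": "alice", "tok-bob": "bob"}  # session token -> user
INVOICES = {
    101: {"owner": "alice", "total": 40},
    102: {"owner": "bob", "total": 75},
}


class AuthenticationError(Exception):
    """The caller's identity could not be established."""


class AccessDenied(Exception):
    """The caller is known but may not access this resource."""


def authenticate(token: str) -> str:
    """Authentication: map a session token to a user, or refuse."""
    for known, user in SESSIONS.items():
        # Constant-time comparison so timing does not leak token contents.
        if hmac.compare_digest(known.encode(), token.encode()):
            return user
    raise AuthenticationError("unknown session token")


def get_invoice_unchecked(token: str, invoice_id: int) -> dict:
    """Broken access control: the identity is verified, but any valid
    user can read any invoice because ownership is never checked."""
    authenticate(token)
    return INVOICES[invoice_id]


def get_invoice(token: str, invoice_id: int) -> dict:
    """Authentication followed by an object-level access check."""
    user = authenticate(token)
    invoice = INVOICES.get(invoice_id)
    # Same error for "missing" and "not yours", so the response does not
    # reveal which invoice ids exist.
    if invoice is None or invoice["owner"] != user:
        raise AccessDenied(f"{user} may not read invoice {invoice_id}")
    return invoice
```

Authentication is sound in both handlers; only `get_invoice` stops alice from reading invoice 102 under her own identity.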