OWASP Top Ten for 2013 has been released. Here is the Top Ten list:

A1 Injection

A2 Broken Authentication and Session Management

A3 Cross-Site Scripting (XSS)

A4 Insecure Direct Object References

A5 Security Misconfiguration

A6 Sensitive Data Exposure

A7 Missing Function Level Access Control

A8 Cross-Site Request Forgery (CSRF)

A9 Using Known Vulnerable Components

A10 Unvalidated Redirects and Forwards

Link: https://www.owasp.org/index.php/Top10

Document: http://owasptop10.googlecode.com/fil...20-%202013.pdf