The new OWASP Top Ten can be seen below:
A1 – Injection
A2 – Cross Site Scripting XSS
A3 – Broken Authentication and Session Management
A4 – Insecure Direct Object References
A5 – Cross Site Request Forgery (CSRF
A6 – Security Misconfiguration(NEW
A7 – Failure to Restrict URL Access
A8 – Unvalidated Redirects and Forwards (NEW
A9 – Insecure Cryptographic Storage
A10 – Insufficient Transport Layer Protection