Source: http://www.owasp.org.cn/owasp-project/owaspapisecuritytop10.pdf