ediverse Explore the platform

Spotlight PEPPOL BIS Billing 3.0 The EU e-invoicing mandate is here — France Sept 2026, Belgium Jan 2026, Germany 2025.

OWASP-TOP-10-EDI

The reference list of the top 10 web/API security risks — 2017, 2021, 2025 editions.

Definition

OWASP Top 10 2021: A01 Broken Access Control, A02 Cryptographic Failures, A03 Injection, A04 Insecure Design, A05 Security Misconfiguration, A06 Vulnerable Components, A07 Identification/Authentication Failures, A08 Software & Data Integrity Failures, A09 Logging Failures, A10 SSRF. Highly relevant for EDI self-service portals.

Origin

Maintained by OWASP Foundation (Open Worldwide Application Security Project). First edition in 2003, updated every 3-4 years.

Example in context

Audit of a partner EDI portal revealing an IDOR (A01 Broken Access Control) allowing read of another partner INVOIC.

Last updated: May 14, 2026