Security Misconfiguration

Security misconfigurations refers to any insecure configuration that could allow exploitation of a website or any of its back-end systems, such as servers and databases. Examples include unpatched systems, leaving default accounts available, and files that are not protected by authentication.