Although there is seemingly an infinite number of security weaknesses in web applications, according to Huseby the majority of these weaknesses may be grouped into just two categories: