wiredmikey (1824622) writes "After examining critical vulnerabilities from more than 3,000 websites from 400 organizations during the 2010 calendar year, WhiteHat researchers claim that Information Leakage (just barely, by a few tenths of a percent!) overtook Cross-Site Scripting (XSS) as the most common website vulnerability, with 64 percent of Web sites having at least one Information Leakage vulnerability in 2010.
Information Leakage describes a vulnerability in which a website reveals sensitive data, such as technical details of the Web application, environment, or user-specific data.
In addition, the report shows that during 2010, the average Web site researchers examined had 230 serious vulnerabilities. Also,the report notes that the average Web site fell into the "always" and "frequently" vulnerable categories and was exposed more than 270 days of the year."
Link to Original Source