The Web Application Security Consortium has released a paper (PDF link) on threat classification. Its intention is to clarify and organize the threats to the security of a Web site. The goals of this project:
- Identify all known web application security classes of attack.
- Agree on naming for each class of attack.
- Develop a structured manner to organize the classes of attack.
- Develop documentation that provides generic descriptions of each class of attack.
Definitely an interesting read if you are concerned about Web site security.