Javascript injection.
Executing requests on one website for another one while authenticated.
Prevents scripts from one origin to access private data on another origin.
Packet snooping.
SQL injection.
Let's encrypt.
Password hashing.
Tokens vs cookies.
Localhost vs direct.
Linux permissions.