I am developing a form for financial site having sensible data. What could be the security loop holes which should i fixed at time of development. Please provide me the points to which i should care about.
Have an understanding of XSS, SQL injection and Email injection and how these exploits work. Look into SSL and encryption too. The following books also will be helpful: Developer's Guide to Web Application Security The Web Application Hacker's Handbook: Discovering and Exploiting Security Flaws How to Break Web Software: Functional and Security Testing of Web Applications and Web Services