The document summarizes the findings of a study that tested over 5,000 web applications for vulnerabilities. It found that 99% of applications had at least one vulnerability, and 82% had at least one high or critical vulnerability. The most common vulnerability was cross-site scripting (61%). The banking industry had the fewest vulnerabilities while retail had the most. On average, each application contained 35 vulnerabilities.