APIs or Application Programming Interfaces are an important part of any modern web application. When properly designed they securely expose data to authenticated and authorized users. However, not everyone designs them the same, which is why OWASP came up with a list of the top security vulnerabilities to avoid.
The Open Web Application Security Project (OWASP) is a worldwide not-for-profit organization focused on improving the security of software. They put together a document containing the top 10 security vulnerabilities compiled through consensus of security experts from around the world.