Web application security is very much in its infancy – some security experts
believe this is going to be a major emerging area of technology. Nowadays web
apps are more complex and are based on a client-server architecture. This
architecture is evolving and we see web apps such as Google Apps acting as a
word processor, storing the files and allowing you to download the file onto
your PC. Facebook and the social web have also moved into Web apps hence the
recent coined phrase Web 3.0. This is the overview article in which author
points out the most current issues in area of Web App security, such as:
programming development, JavaScript API, AJAX programming, mobile security or
Facebook app security and authentification.

Souce:http://hakin9.org/an-overview-of-web-application-security-issues/

Security flaws in Web applications can allow attackers to steal data, plant
malicious code, or break into other internal systems
The number of security flaws being found in Web applications continues to
grow and will likely dominate the security agenda for years to come, according
to a report by application security vendor.
 Almost 80 percent of more than 3,000 software security flaws publicly
reported so far this year have been in Web technologies such as Web servers,
applications, plugins, and web browsers. That number is about 10 percent
higher than the number of flaws reported in the same period last year -- and
nine out of 10 of the flaws were found in commercial code

Source:http://www.infoworld.com/d/security-central/web-application-security-growing-problem-enterprises-843