There are lot of possible mistakes that can compromise the security of the application, such as the following:
- Using insecure third-party libraries inside an application, which may contain security vulnerabilities
- Not filtering the user-provided input to the application
- Storing security-sensitive data unencrypted inside an application
- Not implementing proper restrictions to control access to the internal infrastructure