Are Java Web Application Secure?

In short, no!

Cross-site Scripting (XSS),  Injection Flaws, Malicious File Execution, Insecure Direct Object Reference, Cross site Request Forgery, Information Leakage and Improper Error Handling, Broken Authentication and Session Management, Insecure Chrytographic Storage, Insecure Communications, and Failure to restrict URL access
 

Read all 'bout it in this serverside article.

 

Developer