diff --git a/webgoat-container/src/main/java/org/owasp/webgoat/lessons/Category.java b/webgoat-container/src/main/java/org/owasp/webgoat/lessons/Category.java
index 7d47892ab..6f42e26b7 100644
--- a/webgoat-container/src/main/java/org/owasp/webgoat/lessons/Category.java
+++ b/webgoat-container/src/main/java/org/owasp/webgoat/lessons/Category.java
@@ -38,24 +38,25 @@ public enum Category {
 
     INTRODUCTION("Introduction", new Integer(5)),
     GENERAL("General", new Integer(100)),
-    ACCESS_CONTROL("Access Control Flaws", new Integer(200)),
-    AJAX_SECURITY("AJAX Security", new Integer(400)),
-    AUTHENTICATION("Authentication Flaws", new Integer(500)),
-    BUFFER_OVERFLOW("Buffer Overflows", new Integer(600)),
-    CODE_QUALITY("Code Quality", new Integer(700)),
-    CONCURRENCY("Concurrency", new Integer(800)),
-    XSS("Cross-Site Scripting (XSS)", new Integer(900)),
-    ERROR_HANDLING("Improper Error Handling", new Integer(1000)),
-    INJECTION("Injection Flaws", new Integer(1100)),
-    DOS("Denial of Service", new Integer(1200)),
-    INSECURE_COMMUNICATION("Insecure Communication", new Integer(1300)),
-    INSECURE_CONFIGURATION("Insecure Configuration", new Integer(1400)),
-    INSECURE_STORAGE("Insecure Storage", new Integer(1500)),
+    INJECTION("Injection Flaws", new Integer(200)),
+    AUTHENTICATION("Authentication Flaws", new Integer(300)),
+    XSS("Cross-Site Scripting (XSS)", new Integer(400)),
+    ACCESS_CONTROL("Access Control Flaws", new Integer(500)),
+    INSECURE_CONFIGURATION("Insecure Configuration", new Integer(600)),
+    INSECURE_COMMUNICATION("Insecure Communication", new Integer(700)),
+    INSECURE_STORAGE("Insecure Storage", new Integer(800)),
+    REQUEST_FORGERIES("Request Forgeries", new Integer(900)),
+    VULNERABLE_COMPONENTS("Vulnerable Components - A9", new Integer(950)),
+    AJAX_SECURITY("AJAX Security", new Integer(1000)),
+    BUFFER_OVERFLOW("Buffer Overflows", new Integer(1100)),
+    CODE_QUALITY("Code Quality", new Integer(1200)),
+    CONCURRENCY("Concurrency", new Integer(1300)),
+    ERROR_HANDLING("Improper Error Handling", new Integer(1400)),
+    DOS("Denial of Service", new Integer(1500)),
     MALICIOUS_EXECUTION("Malicious Execution", new Integer(1600)),
     CLIENT_SIDE("Client side", new Integer(1700)),
     SESSION_MANAGEMENT("Session Management Flaws", new Integer(1800)),
     WEB_SERVICES("Web Services", new Integer(1900)),
-    VULNERABLE_COMPONENTS("Vulnerable Components - A9", new Integer(1950)),
     ADMIN_FUNCTIONS("Admin Functions", new Integer(2000)),
     CHALLENGE("Challenges", new Integer(3000));