Web applications are one of the targets in information security attacks. Many security holes can be exploited can be source of damage and operational disruption of the application itself and even the IT infrastructure in i t Web Application Security Issues usually relate to problems that the developer or the owner may not aware or tend to ignore the issues. The main objective is to enumerate, describe and analyze security issues of the government official web application in Indonesia. The issues covers technical, environment and support issues of application development configuration and security governance. Technical and environment issues identified using application vulnerability scanners tools. The result shows that web applications have most weakness in configuration issues, both application and security configuration. All of weaknesses that identified relate to technical development application environment and support. The state of the art of the work lay on that how to improve the quality of web application development which often ignore security requirement during design, development and deployment. That conditions may raise security issue when the web application has published that may affect other systems. The work recommend several approach to handle the security issues as a contribution to developer and the owner to fix the issues.