Replace vulnerability list with link to wiki as source of truth

Instead of maintaining a duplicate list of vulnerabilities in the README,
point users to the wiki where the complete and authoritative list exists
with full tutorials and explanations.

This keeps the wiki as the single source of truth for vulnerability
documentation while still giving README readers a high-level overview.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>

README.md

@@ -14,21 +14,9 @@ RailsGoat is an intentionally insecure Rails application designed to teach web a
 
 ## Vulnerabilities Included
 
-RailsGoat includes examples of these security issues:
+RailsGoat demonstrates real-world security vulnerabilities from the OWASP Top 10, including SQL injection, cross-site scripting (XSS), authentication issues, insecure direct object references, and more.
 
-- **SQL Injection** - Unsafe database queries
-- **Cross-Site Scripting (XSS)** - Unescaped user input
-- **Cross-Site Request Forgery (CSRF)** - Missing request validation
-- **Insecure Direct Object Reference** - Unauthorized data access
-- **Mass Assignment** - Unprotected model attributes
-- **Authentication Issues** - Weak login mechanisms
-- **Sensitive Data Exposure** - Cleartext storage of SSNs and weak password hashing
-- **Missing Access Controls** - Unauthorized admin access
-- **Command Injection** - Unsafe system command execution
-- **Unvalidated Redirects** - Open redirect vulnerabilities
-- **Password Complexity Issues** - Insufficient password requirements
-
-Each vulnerability includes a failing test that demonstrates the security flaw and a wiki tutorial explaining the attack and remediation.
+For a complete list of vulnerabilities with detailed explanations and tutorials, visit the [RailsGoat Wiki](https://github.com/OWASP/railsgoat/wiki).
 
 ## Quick Start