This is a fairly common question in Senior-level interviews, and it is a standard way to check whether a candidate keeps up with security trends. Usually, you will first be asked about the essence of the project itself, after which you may be asked about the most critical vulnerabilities at the moment.
OWASP Top 10 is a list of the 10 most common and most dangerous security risks in the web, published by OWASP (Open Worldwide Application Security Project). You need to follow it in order to understand how to protect your applications or APIs.
Also, most people do not follow it and have probably never gone beyond XSS, so you can use the OWASP Top 10 as a trump card in an interview that can significantly increase your chances of success.