An updated build of Acunetix WVS Version 7 was released, featuring further DOM XSS checks improvements and addresses a number of bug fixes.

New features:

  • DOM XSS will now report the filename in which the attack was executed
  • DOM XSS checks on document.open, window.open, window.navigate and more

Bug fixes:

  • Fixed: Aborting analysis while executing events not always worked in CSA
  • Fixed: CSA engine crashing with “worker already executing” exception
  • Fixed: Crawler was not considering maximum number of variations in case of links from comments
  • Fixed: In some cases during a WSDL service scan, port address query params where not properly used
  • Fixed: False positive for ASP.NET padding oracle test
  • Bugfix: HTML parser; Fixed regex for extracting URLs from HTML comments

How to upgrade to build 20101216:

On starting up Acunetix WVS, a pop up window will automatically notify you that a more recent build is available for download.  To download the latest build, navigate to General > Program Updates node in the Tools explorer, and click on Download and Install new build.

Click here for the complete Acunetix WVS change log.

SHARE THIS POST
THE AUTHOR
Acunetix

Acunetix developers and tech agents regularly contribute to the blog. All the Acunetix developers come with years of experience in the web security sphere.