Acunetix Premium - v13.0.201217092

New Features

• Big improvement in handling of CSRF tokens
• Added support for ShadowRoot
• Added support for MacOS Big Sur

New Vulnerability Checks

• New test for Zabbix authentication bypass / guest user
• New test for Typo3 Admin publicly accessible
• New test for Typo3 debug mode enabled
• New test for Oracle WebLogic Remote Code Execution via IIOP
• New test for Web Cache Poisoning DoS
• New test for client-side prototype pollution
• Improved web cache poisoning test
• New test for SAP IGS XXE (CVE-2018-2392, CVE-2018-2393)
• New test for Odoo LFI (CVE-2019-14322)
• New test for Unrestricted access to Odoo DB manager
• New test for Apache Unomi MVEL RCE (CVE-2020-13942)

Updates

• Updated the UI for the multi-engine system
• Multiple updates to the PHP AcuSensor
• Multiple updates to the Login Sequence Recorder
• Scanning engine updated to support using proxy server with NTLM Authentication

Fixes

• Fixed issue causing the browser to fail to launch on Kali
• Fixed issue causing AcuSensor not found message to not be displayed
• Fixed false positive in Zend Framework LFI via XXE
• Fixed false positive in Directory Traversal
• Fixed false positive in Cookie(s) with missing, inconsistent, or contradictory properties
• Fixed false positive in Apache Struts2 Remote Command Execution (S2-052)
• Fixed issue in highlighting of vulnerability in response
• Fixed issue with Slow Loris
• Fixed issue in WADL importer
• Fixed crash in scanner
• Fixed minor issues in Comprehensive Report
• Fixed issue causing Acunetix to lose license information