Acunetix Premium - v12.0.190703137

New Vulnerability Checks

  • New test for Joomla! Core CSV Injection vulnerability check [CVE-2019-12765]
  • New test for Joomla! Core XSS vulnerability check (CVE-2019-12766)
  • New test for Joomla! Core Security bypass (CVE-2019-12764)
  • New test for Oracle Weblogic XXE (CVE-2019-2647)
  • Added the detection of CDNs
  • Added the detection of reverse proxies

Updates

  • Auto-Login is now using the LSR functionality - this will improve auto-login in general
  • Improved detection of DOM XSS
  • Improved handling of invalid Selenium scripts
  • Improved handling of email addresses fields in web forms
  • Improved parsing of WSDL files
  • Implemented support for Proxy-Authenticate header
  • Improved crawling of Spring-based web applications
  • Updated LSR to automatically dismiss modal dialogs during playback
  • Reduced false positives in checks looking for sensitive and backup files
  • Reduced false positives in SSN number detection
  • Reduced false positives in XSS in URIs
  • Improved the detection of WAFs
  • LSR can now record actions within <iframe> elements
  • Jira Issue Tracker integration now supports HTTP Authentication with API key

Fixes

  • Fixed a crash when parsing SOAP messages
  • Fixed issue in interpretation of some Selenium scripts
  • Fixed a number of broken links in the Vulnerability Alerts
  • Autologin was recording the password in the log file
  • Fixed crash caused when reading specific swagger files
  • Fixed crash caused when reading specific large files
  • Fixed issue causing the scanner to go into a loop
  • Fixed issue causing crawler to not interpret correctly certain locations in JavaScript
  • Fixed issue in Manual Intervention
  • Fixed issue affecting sites using euc-kr encoding
  • Fixed Chromium issue caused when window.chrome is used by the site
  • Fixed issue causing Chromium not to load on Kali Linux
  • Fixed LSR playback issue caused when input field contained predefined text
  • SRI not implemented was being reported multiple times per host