NEW FEATURES
- [Closed beta] Added the Team Administrator default role
- Changed compression tool from 7zip to Tar
- Added Diana.jl support for GraphQL Library Detection
- Added Hot Chocolate support for GraphQL Library Detection
- Added Zero Day Vulnerability for MOVEit Software
IMPROVEMENTS
- Expanded scenarios for Discovery Service with AWS Connections
- Improved performance when updating vulnerability lookups
- Improved performance of database indexes
- Improved added API endpoints for Custom Scripts
- Improved performance for Issues Report API endpoint
- Improved detection of IT Hit WebDav Server .Net versions
- Improved Internal Path Disclosure detection
- Improved Remediation Advice for Autocomplete Enabled vulnerability
- Improved detection logic for LFI vulnerability
- Improved identification and version disclosure for PopperJS, CanvasJS, and Next.js
- Improved WAF Detection for F5 BIG IP
FIXES
- Fixed issue with scans stopping with the Find & Follow New Links option enabled
- Fixed issue with agent compression of chromium and node files
- Fixed null value exception with REST API
- Fixed InvalidCastException with REST API
- Fixed ArgumentNullException with Custom Security Checks
- Fixed Access Denied error when attempting to delete scan files which were already previously deleted
- Fixed cannot login to web app after changing database password
- Fixed unclear results with PCI reports with edge date ranges
- Fixed BLR cannot fill address fields
- Fixed licensing issue when adding a previously-deleted website
- Fixed adding some MongoDB vulnerabilities to Knowledge Base report
- Fixed importing Swagger/OpenAPI links
- Fixed Discovery Service issue with AWS Connection throttling
- Fixed authentication failure with MFA recovery codes
- Fixed license file corruption issue during version upgrade
- Fixed scans unauthenticated after successful authentication verification
- Fixed linux agent update issue