New feature
Security checks
- Improved the server-side prototype pollution check.
- Updated the WordPress plugin vulnerabilities.
- Updated the software composition analysis database.
Improvements
- Added a sitemap parser to better handle sitemap files.
- Improved the user interface to remove the hyperlink for websites that users do not have permission to access.
- Improved the scanner to identify XSS in forms that are protected with a CSRF token that changes each time the page is refreshed.
- Increased the limit for data exchanged between IAST AcuSensors and the Acunetix engine.
- Improved the token validator for new Jira tokens.
Fixes
- Fixed the OpenVAS service on Acunetix Premium Online to avoid the scan queue.
- Fixed a bug that caused some vulnerability checks not to execute on scans that are paused and resumed.
- Fixed an issue with the request header limit for GitHub/GitLab issue trackers.
- Fixed the issue with sending issues to Bugzilla.
- Fixed the bug that threw an internal server exception when a system admin tried to add a new user.
- Fixed the UI bug that appeared when the target is a network.
- Fixed the issue where rejected locations and schemes were still being scanned.
- Fixed the issue with corrupted links sent via email after the scan.
- Fixed the password reset issue.
- Fixed a possible false positive for the misconfiguration "ASP.NET expired session IDs are not regenerated".