Acunetix v12 (build 12.0.180619111) has been released. This new build introduces new vulnerability checks for WordPress, Django, multiple Spring Framework and Atlassian products. Below is a full list of updates.
New Features and Vulnerability tests
- Spring Data Commons RCE via Spring Expression Language (SpEL) injection (CVE-2018-1273)
- Atlassian OAuth Plugin IconUriServlet SSRF, affecting multiple Atlassian products (CVE-2017-9506)
- WordPress REST API User Enumeration
- Django Debug Mode via DisallowedHost
- Tests for PHP-FPM (FastCGI Process Manager) Status Page
- Check for common test CGI scripts that are leaking environment variables
- Check Spring Boot Actuator information disclosure
- Check for RCE via Spring Boot WhiteLabel Error Page Spring Expression Language (SpEL)
- Atlassian Jira ManageFilters Information Disclosure
- Crash dump was sometimes not being created
Get the latest content on web security
in your inbox each week.