We are pleased to announce an updated build of Acunetix Web Vulnerability Scanner 8 (WVS 8). The new build 20120704, includes a number of new security checks, improvements and bug fixes. The highlight of this new Acunetix Web Vulnerability Scanner 8 build is that it includes cross-site scripting security checks for HTML5 web applications, and also for responses of text/xml content-type.
New Security Checks:
- Added a number of new HTML 5 Cross-site scripting security checks
- content-type text /xml responses are now being checked for XSS vulnerabilities
- Using Windows 8.3 short filenames techniques to check for information disclosure
- Checks for Microsoft IIS Tilde directory enumaration problems
- A number of new security checks for Webadmin
- Checking for MySQL, RubyonRails and phpMyAdmin SQL dump files on web applications
- File disclosure via XXE Injection tests for Zend Framework
- Information disclosure checks in environment variables
- Improved Directory Traversal security checks
- Less false positives reported by the HTML Forms security checks
- Custom cookies paths are now set correctly to the start URL
- New discovered input parameters variations are added to the list of input variations rather than ignored
How to Upgrade to Build 20120704
On starting Acunetix Web Vulnerability Scanner 8, a pop-up window will automatically notify you that a more recent build is available for download. Navigate to the General > Program Updates node in the Tools explorer, click on Download and Install the new build.
View the complete Acunetix WVS change log here.
Get the latest content on web security
in your inbox each week.