Acunetix 360 On-Demand - v24.2.0.43676

This update includes changes to the internal agents. The internal scan agent’s current version is 24.2.0. The internal authentication verifier agent’s current version is 24.2.0.

New security checks

  • Implemented a detection and reporting mechanism for the Backup Migration WordPress plugin (CVE-2023-6553)
  • Added detection for TinyMCE

Improvements

  • Updated the "Insecure Transportation Security Protocol Supported (TLS 1.0)" vulnerability to High Severity
  • Implemented support for scanning sites with location permission pop-ups
  • Implemented support for FreshService API V2
  • Revised the labeling of the active vulnerabilities information on the Scan Summary page to provide greater clarity
  • Removed obsolete X-Frame-Options Header security checks

Fixes

  • Fixed a bug in the Request/Response tab of Version Disclosure vulnerabilities
  • Corrected an issue in the technical reports where vulnerabilities identified in Korean are now reported in English
  • Changed the ID parameter from 'optional' to 'required' within the Scan Policy Update API
  • Removed the target URL from the scope control list
  • Resolved a bug in the filtering of vulnerabilities on the Issues page
  • Fixed a bug in the marking of issues as a false positive
  • Resolved an issue where the agent would become unavailable after receiving a 401 error
  • Fixed the issue with uploading a Swagger file into a scan profile on the Acunetix 360 On-Premises
  • Removed the "Export all attributes" option from Scan Profiles, Report Policies, Manage Members, and Scan Policies