Acunetix 360 On-Demand - v24.2.0.43676
This update includes changes to the internal agents. The internal scan agent’s current version is 24.2.0. The internal authentication verifier agent’s current version is 24.2.0.
New security checks
- Implemented a detection and reporting mechanism for the Backup Migration WordPress plugin (CVE-2023-6553)
- Added detection for TinyMCE
Improvements
- Updated the "Insecure Transportation Security Protocol Supported (TLS 1.0)" vulnerability to High Severity
- Implemented support for scanning sites with location permission pop-ups
- Implemented support for FreshService API V2
- Revised the labeling of the active vulnerabilities information on the Scan Summary page to provide greater clarity
- Removed obsolete X-Frame-Options Header security checks
Fixes
- Fixed a bug in the Request/Response tab of Version Disclosure vulnerabilities
- Corrected an issue in the technical reports where vulnerabilities identified in Korean are now reported in English
- Changed the ID parameter from 'optional' to 'required' within the Scan Policy Update API
- Removed the target URL from the scope control list
- Resolved a bug in the filtering of vulnerabilities on the Issues page
- Fixed a bug in the marking of issues as a false positive
- Resolved an issue where the agent would become unavailable after receiving a 401 error
- Fixed the issue with uploading a Swagger file into a scan profile on the Acunetix 360 On-Premises
- Removed the "Export all attributes" option from Scan Profiles, Report Policies, Manage Members, and Scan Policies