New Security Checks
- Adjusted the severity of SSLv3 and TLS 1.0 vulnerabilities to reflect their security risks
- Added support for CSP frame-ancestors
- Added detection for CVE-2024-6297, affecting several WordPress plugins
Improvements
- Pre-request script now works in DOM as well
- The Azure Extension now retries connections, preventing pipeline failures
Fixes
- Remediated a high vulnerability issue on the Agent Dotnet dependency package
- Fixed an issue that was preventing the selection of configuration items during ServiceNow integration setup
- Fixed an issue with updating targets using the target group ID
- Fixed an issue where the Auth Verifier heartbeat was showing an hour behind due to daylight saving time adjustments
- Fixed an error that was occurring when editing Report Policies
- Fixed an issue with a REST API endpoint returning alternating severity data for TLS 1.0 vulnerabilities
- Resolved an issue with a pre-request script that was affecting crawling functionality