NEW FEATURES
- Added support for alternate email for SSO login
- Added Form authentication Hashicorp Vault integration
- Added technologies chart to the global dashboard and website dashboard pages
- Added test credential API endpoint for scan profiles
- Added Form Auth Custom Scripting feature to the New Scan page
- Redesigned the login page
- Redesigned the SSO help text area in the SSO settings page
- Added an API endpoint for the Updating Issue States
- Added Travis CI integration
- Jira integration now supports custom Resolved statuses
- Kenna integration now supports Asset Application Identifier
- Agents can now be installed using Linux and a Linux Agent button has been added to the Configure New Agent page
- Upgraded the scanning engine to version 5.9.027701.
NEW SECURITY CHECKS
- Added Out-of-date security checks for the Liferay portal
- Added Version Disclosure and Out-of-date security checks for Jolokia
- Added Nested XSS security checks
- Added an ASP.NET Razor SSTI security check
- Added a Java Pebble SSTI security check
- Added a Thymeleaf SSTI security check
- Added Version Disclosure and Out-of-date security checks for Grafana
IMPROVEMENTS
- Added an Issue Update API swagger model improvement
- New password criterion of a minimum of 15 characters has been imposed on admin and top-level users
- Improvements have been made to the Form Authentication Test Script screen
FIXES
- Fixed the problem of slow Vulnerable Websites per period report on the reporting
- Fixed the file uploading problem on Imported Links
- Fixed the Knowledge Base Report's exporting problem
- Fixed the Yukon time zone problem.
- Fixed the Imported Links problem.
- Fixed the problem where the wrong time zone was displaying in Report Templates
- Moved the Scan Profile Test Credentials API post method fields to the body element
- Fixed a database file error in the Report Policy Editor
- Fixed the issue where report policy user changes were not applied when reset.
- Fixed the Vulnerability Detail page responsiveness problem
- Fixed the Sitemap Tree View responsiveness problem
- Fixed the highlighted code focus problem
- Added help text to the HashiCorp Vault integration page
- Fixed the bug that occurred when another team member updated the shared profile
- Fixed a bug that occurred when non-admin users updated profiles
- The Report policy Editor CVSS scores fields now accept empty values
- Fixed a server error that occurred while saving a cloned Scan Policy
- Fixed the problem that occurred when reconfirming the Verify Login and Logout settings