New Features
- Business Logic Recorder - used to record logic used in multi-step forms
- Export to Citrix WAF
- Support for Azure DevOps Services issue tracker
- CVSS3.1 score for most Acunetix vulnerabilities
- Targets can now be exported to CSV
- New Graph in Dashboard showing Average vulnerabilities per Target
New Vulnerability Checks
Updates
- Manual Intervention (used for CAPTCHAs, OTP etc) is now using the integrated (web-based) LSR
- As a result of the previous update, Manual Intervention is now available on Linux
- Improved error reporting for network scans aborted due to network errors
- Vulnerability alerts updated to show important information at the top
- Updated Github issue tracker to support Personal Access Token (PAT) authentication
- Improved reporting of Paused scans in the UI
- Improved UI message user triggers a scan which is not allowed due to Manual Intervention
- API documentation can now be downloaded from within the Acunetix UI
- Added support for popup windows in the Login Sequence Recorder
- Improved handling of large import files
- Improved handling large requests / responses generated from import files
- Decreased false positives reported for Possible username or password disclosure
- Truncated large vulnerability alerts when sending to Jira issue tracker
Fixes
- Fixed incorrect from email address used for monthly update emails
- Fixed AcuMonitor UI notification to link to corresponding vulnerability
- Fixed issue causing vulnerability checks to not be able to send empty values
- Fixed a number of crashes
- Fixed issue causing ASP.NET sites to be processed as ASP sites
- Fixed 2 issues caused when using Swagger import files
- Improved handling of txt import files using incorrect import format
- Fixed Session Fixation false positive
- Fixed UI issue when configuring Custom Cookies
- Trend charts where not being updated for user accounts
- Fixed issue in excluded hours
- Fixed "Client Certificate Not Set" message incorrectly being reported