New Security Checks
- Added SAML-related security checks.
- New security checks for Adobe ColdFusion affected by Deserialization RCE vulnerability. CVE-2023-26359/CVE-2023-26360
- New security checks for GraphQL.
- New checks for Joomla vulnerabilities.
Improvements
- Updated the embedded Chromium browser to v109.0.5414.141 for Windows and 112.0.5615.165 for Linux.
- Improved the Business Logic Recorder to work with autocomplete fields.
- Updated .NET IAST AcuSensor to avoid reporting false positives for default server misconfiguration.
- Improved .NET IAST AcuSensor for reporting vulnerable packages.
- Added support for file upload to the Login Sequence Recorder and Business Logic Recorder.
- Improved response handling.
- Various DeepScan Improvements.
- Improved the coverage of development file exposure check.
- Updated the Software Composition Analysis (SCA) database.
- Updated the WordPress plugin vulnerabilities.
Fixes
- Various fixes in the scanner to lower memory usage.