New features
- DOM XSS will now report the filename in which the attack was executed
- DOM XSS checks on document.open, window.open, window.navigate and more
Bug fixes
- Fixed: Aborting analysis while executing events not always worked in CSA
- Fixed: CSA engine crashing with “worker already executing” exception
- Fixed: Crawler was not considering maximum number of variations in case of links from comments
- Fixed: In some cases during a WSDL service scan, port address query params where not properly used
- Fixed: False positive for ASP.NET padding oracle test
- Bugfix: HTML parser; Fixed regex for extracting URLs from HTML comments