Acunetix Premium - v15.2.221208162

New security checks

  • Updated the WordPress plugin vulnerabilities.
  • Added a check for the AjaxPro.NET Professional Deserialization RCE (CVE-2021-23758).
  • Improved the out-of-band detection.

Improvements

  • Added the ability to send HTTP requests to pre-request scripts.
  • Various DeepScan improvements, generally improving the processing of JavaScript-rich web applications.
  • Updated the embedded Chromium browser to v108.0.5359.71.
  • Implemented a scan ID to limit caching, such as the file list and libraries, to a scan.
  • Improved the performance of alert transmission for AcuSensor.

Fixes

  • Fixed the MongoDB injection and removed JSON parsing from the feature extraction library to avoid scan crashes.
  • Fixed the issue that sent a bogus report because of an inconsistent last scan ID.
  • Improved the Pre-request script to send an HTTP job.
  • Fixed the formatting issue for vulnerabilities exported to GitHub Issues.
  • Fixed the unhandled exception that the IAST Bridge throws.
  • Fixed the business logic recorder issue that failed to replay the logic sequence recorder.
  • Fixed the issue where the custom scripts folder was not created during installation.
  • Fixed the issue where some headings were not shown in Chinese when the language was switched to Chinese.
  • Fixed the manual intervention required information box that began to appear in the notification bar instead of being displayed as a dialog box.
  • Added cURL as a backup if NSLookup is not present.
  • Fixed the Jira integration that failed to create the epic issues.
  • Fixed the issue where long scan names overlapped the AcuSensor icon.
  • Fixed the issue where the authorization bearer was not used throughout the scan.