Acunetix Premium - v15.3

New security checks

  • Added a SAML anonymous assertion consumer service audit for XML external entity injection, XSLT, server-side request forgery, and cross-site scripting.
  • Added a SAML signature audit to test attacks on signature verification.
  • Added various checks for Content Security Policy misconfiguration.
  • New security check for ASP.NET Core development mode.
  • Updated the WordPress core vulnerabilities.
  • Updated the WordPress plugin vulnerabilities.

Improvements

  • Updated the .NET IAST sensor to detect a number of server-side configuration problems that may result in a security vulnerability.
  • Improved the JSON payload tests.
  • Updated the JWT secrets dictionary.

Fixes

  • Fixed a bug in the PHP IAST sensor when reporting arrays to the scanner.
  • Fixed the scan summary page that failed to show some of the results.
  • Fixed issues in the UI notifications that made them unactionable.
  • Fixed a problem that caused the LSR to incorrectly show the mobile version for some sites.
  • Fixed a .NET sensor issue where the root application's (website root) files were returned even though the sensor is enabled for a sub-application.
  • Fixed the version information shown on the user interface after the update.
  • Fixed a routing issue for .NET Framework ASP.NET Web API caused by compatibility issues.
  • Improved the logic sequence recorder notification that informs users when the response max size limit is exceeded.
  • Fixed an issue with pagination on the vulnerabilities page.
  • Fixed a crawler issue where a page becomes unresponsive when it contains many elements.