Acunetix Premium - v25.12.3 - Security

Security checks

• Updated the Vulnerability Database (VDB) to version 20251215
• Added 179 new versions for 37 technologies and 118 new CVEs
• Improved severity ratings for Apache 2.4.64 from Medium to High
• Improved severity ratings for Liferay DXP versions 2023.q3.0, 2023.q4.6-10, 2024.q1.1-5, 7.0-7.2 from Medium/High to High/Critical
• Improved severity ratings for Liferay Portal versions 6.2, 7.0.0, 7.0.6, 7.2.0-7.2.1, 7.3.0-7.3.2, 7.4.3.10-7.4.3.119 from Medium/High to Critical
• Improved severity ratings for MongoDB versions 7.0.20-7.0.25, 8.0.9-8.0.12, 8.1.0 from Medium to High
• Improved severity ratings for Next.js React Framework versions 14.2.25-14.2.29 from Medium to High
• Added vulnerability detection for Angular:
  • CVE-2025-61261 (Medium)
• Added vulnerability detection for Apache:
  • CVE-2025-55753 (High)
  • CVE-2025-58098 (High)
  • CVE-2025-59775 (High)
  • CVE-2025-65082 (Medium)
  • CVE-2025-66200 (Medium)
• Added vulnerability detection for Django:
  • CVE-2025-13372 (Medium)
  • CVE-2025-64460 (High)
• Added vulnerability detection for Liferay DXP:
  • CVE-2025-3586 (High)
  • CVE-2025-3594 (Critical)
  • CVE-2025-43766 (Critical)
  • CVE-2025-43768 (High)
  • CVE-2025-43801 (High)
  • CVE-2025-43813 (High)
  • CVE-2025-43746, CVE-2025-43747, CVE-2025-43754, CVE-2025-43755, CVE-2025-43756, CVE-2025-43757, CVE-2025-43761, CVE-2025-43762, CVE-2025-43763, CVE-2025-43764, CVE-2025-43765, CVE-2025-43767, CVE-2025-43769, CVE-2025-43770, CVE-2025-43777, CVE-2025-43778, CVE-2025-43802, CVE-2025-43806, CVE-2025-43810, CVE-2025-43811, CVE-2025-43812, CVE-2025-43814, CVE-2025-43815, CVE-2025-43817, CVE-2025-43818, CVE-2025-43820, CVE-2025-43830, CVE-2025-62237, CVE-2025-62238, CVE-2025-62239, CVE-2025-62240, CVE-2025-62245, CVE-2025-62246, CVE-2025-62247, CVE-2025-62248, CVE-2025-62249, CVE-2025-62250, CVE-2025-62251, CVE-2025-62252, CVE-2025-62253, CVE-2025-62255, CVE-2025-62259 (Medium)
• Added vulnerability detection for Liferay Portal:
  • CVE-2025-3586 (High)
  • CVE-2025-3594 (Critical)
  • CVE-2025-43766 (Critical)
  • CVE-2025-43768 (High)
  • CVE-2025-43801 (High)
  • CVE-2025-43813 (High)
  • CVE-2025-43746, CVE-2025-43754, CVE-2025-43755, CVE-2025-43756, CVE-2025-43757, CVE-2025-43761, CVE-2025-43762, CVE-2025-43763, CVE-2025-43764, CVE-2025-43765, CVE-2025-43767, CVE-2025-43769, CVE-2025-43770, CVE-2025-43777, CVE-2025-43778, CVE-2025-43802, CVE-2025-43806, CVE-2025-43810, CVE-2025-43811, CVE-2025-43812, CVE-2025-43814, CVE-2025-43815, CVE-2025-43817, CVE-2025-43818, CVE-2025-43820, CVE-2025-43830, CVE-2025-62237, CVE-2025-62238, CVE-2025-62239, CVE-2025-62240, CVE-2025-62245, CVE-2025-62246, CVE-2025-62247, CVE-2025-62248, CVE-2025-62249, CVE-2025-62250, CVE-2025-62251, CVE-2025-62252, CVE-2025-62253, CVE-2025-62255, CVE-2025-62259 (Medium)
  • Added vulnerability detection for MongoDB:
    • CVE-2025-13644 (High)
    • CVE-2025-12657 (Medium)
    • CVE-2025-13643 (Medium)
    • CVE-2025-14345 (Medium)
  • Added vulnerability detection for Next.js React Framework:
    • CVE-2025-55184 (High)
    • CVE-2025-67779 (High)
    • CVE-2025-55183 (Medium)
  • Added vulnerability detection for React:
    • CVE-2025-55184 (High)
    • CVE-2025-67779 (High)
    • CVE-2025-55183 (Medium)
  • Added vulnerability detection for SharePoint:
    • CVE-2025-64672 (Critical)
    • CVE-2025-62555 (High)
    • CVE-2025-62558 (High)
    • CVE-2025-62559 (High)
    • CVE-2025-62562 (High)

Improvements

• Improved detection of DOM XSS vulnerabilities
• Updated the alert text of the most detected vulnerabilities

Resolved issues

• Improved detection of "Sensitive pages could be cached" vulnerabilities
• Improved detection of "Open Redirect" vulnerabilities