18-Mar-2015

Read the blog post for more details about this version

IMPROVEMENTS

• Moved Scan Policy settings from Settings dialog to Scan Policy Editor dialog
• Added "debug" keyword to default sensitive comment keyword list
• Improved Scan Policy Editor dialog to default to unique policy names when a new policy is created or cloned
• Improved Custom 404 RegEx validation to prevent empty patterns
• Improved HTML5 engine to ignore non-HTTP protocols on iframe sources
• Improved Configure Form Authentication wizard to use the selected Scan Policy settings (Custom headers, proxy, user-agent, etc.) on Start a New Scan dialog
• Improved Cross-site Scripting vulnerability template

BUG FIXES

• Fixed wrong PDF scaling issue which causes fonts to be rendered very small for report templates
• Fixed DOM Parser InvalidCastException crashes while trying to cast option tags on some cases
• Fixed form "action" value reported wrong on vulnerability details
• Fixed Internal Proxy port value setting upper bound to 65535
• Fixed incorrect attack possibility calculation for XSS confirmation requests
• Fixed dialog sizes on various screen resolutions and DPIs
• Fixed some issues in XSS detecting within script blocks
• Fixed XML attacks where reserved "xmlns" attribute values were being modified
• Fixed a DOM Parser issue on HTML pages with nested form tags