New Technical Check
- Added “Cookie Header Contains Multiple Cookies” check
- Improved the Content Security Policy (CSP) and “Misconfigured Access-Control-Allow-Origin Header” vulnerability templates.
- Improved CSP vulnerability detection by only reporting vulnerabilities on HTML resources.
- Improved the coverage of the boolean SQL injection vulnerability engine.
- Fixed an issue which was preventing the deletion of multiple websites.
- Fixed the External CSS, Script and Frame Knowledge Base items which were not considering the port during checks.
- Fixed an issue in the Open Redirect detection where incorrect URLs may also be reported.
- Fixed an issue related to the form authentication which prevents logout detection during attacking phase.
- Fixed an Local File Inclusion (LFI) vulnerability detection issue when attacked with a FullUrl payload.
- Fixed an incorrect retest result which occurs when the target website is not reachable.
- Fixed a CSP vulnerability issue for deprecated CSP header name on meta tags.