Changes Remove INFO log4j properties from base logging configuration for ZAP Server (!182) Include request and response headers in the vulnerability evidence (!168) Mask sensitive request and response header values with environment variable DAST_MASK_HTTP_HEADERS (!179)