Changes
- Upgrade Browserker to version 0.0.73 (!589)
  - Persist navigation results captured during the authentication phase browserker!558
  - Enable 829.2 passive check browserker!573
  - Associate all response headers with a HTTP response browserker!576
  - Check navigations captured during authentication for vulnerability findings browserker!577
  - Enable 829.1 passive check browserker!569
  - Upgrade vulnerability checks to version 1.0.13 browserker!579
    - Remove unnecessary matchers from 598.1 dast-cwe-checks!95
  - Upgrade vulnerability checks to version 1.0.12 browserker!579
    - Add metadata to schema to allow for arbitrary key-values on matchers dast-cwe-checks!91
    - Add 209.1 Generation of error message containing sensitive information dast-cwe-checks!82
    - Add 209.2 Generation of database error message containing sensitive information dast-cwe-checks!82
    - Change 829.2 uniqueness template to use console text dast-cwe-checks!93
- Add
- Authentication cookie attribute matches only match for responses that set the authentication cookie browserker!579
- Fix issue where the request headers were used as response headers in finding evidence (!591)
- Upgrade Browserker to version 0.0.74 (!590)
  - Sort aggregated vulnerabilities by summary for more deterministic results browserker!578
- Replace ZAP rule 10017 and ZAP rule 90003 with 829.1 and 829.2 in browser based scan (!590)