Netsparker Cloud Update - 18th October 2016
New Web Security Checks
- Improved the Cross-site Scripting (XSS) vulnerability security checks coverage.
- Renamed "Permanent XSS" vulnerability to "Stored XSS".
- Added type ahead search functionality for Scan Policy > Security Checks.
- Added HTTP methods to AJAX / XML HTTP Requests knowledge base section.
- Optimized the performance of SOAP web service parsing by skipping the WSDLs that are already parsed.
- Added Scan Policy > Crawling options to enable/disable parsing of SOAP and REST web services.
- Improved DOM simulation by simulating "contextmenu" events.
- Increased the default values for "Maximum Page Visit" and "Max. Number of Parameters to Attack on a Single Page" settings.
- Improved XML parsing during crawling by parsing empty XML elements as parameters too.
- Added the ability to attack parameter names.
- Added a note to vulnerability detail for non-exploitable frame injection.
- Added .jhtml and .jsp attacks to file upload engine.
- Improved CORS security checks.
- Improved Open Redirect engine to detect CNAME injection such as example.com.r87.com.
- Improved XSS confirmation for vulnerabilities found inside noscript tags.
- Added an attack pattern to the command injection engine to bypass whitespace filtering using $IFS environment variable.
- Fixed a form authentication issue where the last form authentication sequence requests were prematurely cancelled.
- Fixed an issue where incorrect PHP source code disclosures are reported for some binary responses.
- Fixed the broken External Reference link on Remote Code Evaluation (PHP) vulnerability.
- Fixed a file upload input DOM parsing issue which prevents some file upload attacks.
- Fixed a form authentication issue occurs on web sites that opens popups during form authentication sequence.
- Fixed a DOM simulation issue occurs when there is a form element with name "action" on target web page.
- Fixed duplicate "Email Address Disclosure" reporting issue.
- Fixed a NullReferenceException on occurs during CORS security checks.
- Fixed a CSRF exploit generation issue where the generated file is empty.
- Fixed an issue where XSS vulnerability is missed when multiple redirects occur.
- Fixed a text parsing issue where relative URLs were not supported as base href values.
- Fixed an issue where Missing X-Frame-Options Header vulnerability is reported even though ALLOW-FROM is included in the header.
- Fixed an XSS attacking issue where duplicate attacks are made for same payload.
- Fixed a Header Injection attack issue where first line of the HTTP request gets corrupted on full URL attacks.
- Fixed an issue where post exploitation does not work sometimes.
- Fixed a form authentication issue where any slash character in credentials cannot be used.