New

• CrawlConfig Option: Remove CSP. You can use the new CrawlConfig option, RemoveContentSecurityPolicy, to remove any content security policy defined in the header or response body.
• CWE References. We added CWE references for several modules.

Improved

• We upgraded the installed Selenium ChromeDriver to version 90.0.4430.24.
• We improved the SQL Injection attack regex.
• We updated the JavaScript Memory Leaks module description.
• We reclassified the Reflection module severity to informational.

Fixed

• We fixed an issue where content-type was ignored when declared in a Swagger document.
• We fixed an issue in the parameters framework. Previously, when a character was incorrectly escaped, the unescape process doubled the character.