Improved
- Parameter Fuzzing. We improved the Parameter Fuzzing attack module by removing duplicates.
- X-XSS-Protection. Deprecated headers are now flagged as vulnerabilities and we have updated the recommendation to use Content Security Policy attack module instead of X-XSS-Protection attack module.
- Selenium ChromeDriver. We upgraded Selenium ChromeDriver to 110.0.5481.77.
Fixed
- We fixed an issue that caused a false positive in the Content Security Policy header attack module.
- We fixed an issue that caused a false negative in the Content Security Policy header attack module.
- We fixed an issue that caused a false positive for the Cross-Site Request Forgery attack module.