7.5.005
Improved
- Selenium ChromeDriver. We upgraded Selenium ChromeDriver to version 119.0.6045.105.
- HTTPHeadersConfig.
DoNotAttackUserAgenthas been added as an option to the HTTPHeadersConfig advanced scan config section. This prevents the Out of Band Log4Shell attack from attacking custom user agents. - BrowserDoNotDownloadExtensions. We extended
BrowserDoNotDownloadExtensionsto include .woff2, .webm, or .mov files. - MSAL. We added an option to configure the MSAL authority URL.
Fixed
- The engine is no longer creating an excessive number of dump files.
- We fixed a false positive against the Swagger UI (DOM based) attack module.
- All OpenAPI files are now loading correctly.
- Invalid URLs no longer cause the R7Crawler to crash.
- We fixed an issue that was causing duplicate Content-Length headers.
- We resolved a race condition that prevented scans from initializing when the database was queried before the scan.