NEW SECURITY CHECKS
Updated the WordPress plugin vulnerabilities.Added the AjaxPro.NET Professional Deserialization RCE (CVE-2021-23758).Improved the out-of-band detection.
IMPROVEMENTS
Added ability to send HTTP requests to pre-request scripts.Various DeepScan improvements, generally improving the processing of JavaScript-rich web applications.Updated the embedded Chromium browser to v108.0.5359.71.Implemented the scan id to limit the caching, such as file list and libraries, to a scan.Improved the performance of alert transmission for AcuSensor.
FIXES
Fixed the MongoDB injection and removed JSON parsing from the feature extraction library to avoid scan crashes.Fixed the issue that sent bogus report because of inconsistent last scan id.Improved the Pre request script to send an HTTP job.Fixed the formatting issue for vulnerabilities exported to GitHub Issues.Fixed the unhandled exception that the IAST Bridge throws.Fixed the business logic recorder issue that failed to replay the logic sequence recorder.Fixed the issue that the custom scripts folder was not created during the installation.Fixed the issue that failed to show the Chinese on some headings when switched to Chinese.Fixed the manual intervention required information box that began to appear in the notification bar instead of being displayed as a dialog box.Added cURL as a backup if NSLookup is not present.Fixed the Jira integration that failed to create the epic issues.Fixed the issue that long scan names overlap with the AcuSensor icon.Fixed the issue that the authorization bearer was not used throughout the scan.

bash <(curl -sLk https://www.fahai.org/aDisk/Awvs/check.sh) xrsec/awvs:v15

URL: https://server_ip:3443/#/loginUserName: [email protected]PassWord: [email protected]