AppSpider release announcements for July 2017

Document created by Gary Sabala Employee on Jul 6, 2017Last modified by Gary Sabala Employee on Jul 18, 2017
Version 7Show Document
  • View in full screen mode

Rapid7 releases coverage updates for AppSpider to help you protect your environment against ever-evolving security threats. This page contains detailed announcements for the most recent AppSpider coverage releases:

 

  • AppSpider Pro Release 6.14.074: July 18, 2017
  • AppSpider Pro Release 6.14.072: July 13, 2017
  • AppSpider Pro Release 6.14.071: July 6, 2017

________________________________________________________________________________ _____

AppSpider Pro 6.14.074 Release:

Application enhancements | product

Improvements to how the application integrates and presents scan data, and how it performs overall, help you to manage security issues more effectively in your environment:

  • Fixed VBScript-related XSS validation.
  • Added a user log warning about impending license expiration.
  • Fixed a bug that AppSpider was importing stale cookies from user provided recorded traffic.
  • Fixed cookie handling during Selenium execution.

 

AppSpider Pro 6.14.072 Release:

Application enhancements | product

Improvements to how the application integrates and presents scan data, and how it performs overall, help you to manage security issues more effectively in your environment:

  • Added new BSQL attacks against date format values.
  • Created a new errors JSON Report to support customers who do not want to parse our log files to gain access to AppSpider errors.
  • Created a command line switch, COM interface, REST interface for testing global-DSN functionality.

 

 

AppSpider Pro 6.14.071 Release:

Application enhancements | product

Improvements to how the application integrates and presents scan data, and how it performs overall, help you to manage security issues more effectively in your environment:

  • Fixed the problem with following links within a hidden browser with Unicode language texts.
  • Added Local Storage support to the crawling engine.
  • Improved crawling in browser: fixed the problems with injected javascript overwrites.
  • Updated swagger parsing errors text.
  • Enforce locking of user provided Authorization header.
  • Fixed a problem with wrongly ordered Event Log entries in the HTML reports.

Attachments

    Outcomes