Cut v1.9 (#291)

@barnett released this 30 May 02:05
· 28 commits to master since this release
d7aa52b

v1.9 - 2020-05-22

Added

  • sensitive_data_exposure.disclosure_of_secrets.for_publicly_accessible_asset
  • sensitive_data_exposure.disclosure_of_secrets.for_internal_asset
  • sensitive_data_exposure.disclosure_of_secrets.pay_per_use_abuse
  • sensitive_data_exposure.disclosure_of_secrets.intentionally_public_sample_or_invalid
  • sensitive_data_exposure.disclosure_of_secrets.data_traffic_spam
  • sensitive_data_exposure.disclosure_of_secrets.non_corporate_user
  • server_side_injection.ssti.basic
  • server_side_injection.ssti.custom
  • sensitive_data_exposure.via_localstorage_sessionstorage.sensitive_token
  • sensitive_data_exposure.via_localstorage_sessionstorage.non_sensitive_token
  • mobile_security_misconfiguration.auto_backup_allowed_by_default
  • server_security_misconfiguration.no_rate_limiting_on_form.change_password
  • server_side_injection.content_spoofing.impersonation_via_broken_link_hijacking
  • cross_site_request_forgery_csrf.flash_based.high_impact
  • cross_site_request_forgery_csrf.flash_based.low_impact
  • insufficient_security_configurability.password_policy_bypass

Removed

  • sensitive_data_exposure.critically_sensitive_data.password_disclosure
  • sensitive_data_exposure.critically_sensitive_data.private_api_keys
  • sensitive_data_exposure.critically_sensitive_data

Changed