Releases
v1.9
v1.9 - 2020-05-22
Added
sensitive_data_exposure.disclosure_of_secrets.for_publicly_accessible_asset
sensitive_data_exposure.disclosure_of_secrets.for_internal_asset
sensitive_data_exposure.disclosure_of_secrets.pay_per_use_abuse
sensitive_data_exposure.disclosure_of_secrets.intentionally_public_sample_or_invalid
sensitive_data_exposure.disclosure_of_secrets.data_traffic_spam
sensitive_data_exposure.disclosure_of_secrets.non_corporate_user
server_side_injection.ssti.basic
server_side_injection.ssti.custom
sensitive_data_exposure.via_localstorage_sessionstorage.sensitive_token
sensitive_data_exposure.via_localstorage_sessionstorage.non_sensitive_token
mobile_security_misconfiguration.auto_backup_allowed_by_default
server_security_misconfiguration.no_rate_limiting_on_form.change_password
server_side_injection.content_spoofing.impersonation_via_broken_link_hijacking
cross_site_request_forgery_csrf.flash_based.high_impact
cross_site_request_forgery_csrf.flash_based.low_impact
insufficient_security_configurability.password_policy_bypass
Removed
sensitive_data_exposure.critically_sensitive_data.password_disclosure
sensitive_data_exposure.critically_sensitive_data.private_api_keys
sensitive_data_exposure.critically_sensitive_data
Changed
You can’t perform that action at this time.