Releases: zaproxy/zap-extensions
Releases · zaproxy/zap-extensions
Selenium version 15.31.0
Changed
- Update Selenium to version 4.27.0.
- Use WebDriver BiDi with Firefox.
Retire.js version 0.43.0
Fixed
- An issue that was resulting in False Positives.
Changed
- Updated with upstream retire.js pattern changes.
- The scan rule now uses a more specific CWE (Issue 8732).
Network version 0.19.0
Changed
- Configure the logging to prevent verbose log messages when using BC JSSE provider.
- Improve error handling on client's unknown CA TLS alert.
- Report available TLS providers when failed to query the TLS/SSL protocol versions.
- Rely on the default secure random generator when creating the Root CA certificate to use the most appropriate defined by the security provider.
- Update default user-agents.
DOM XSS Active scanner rule version 20
Changed
- Address deprecation warnings with newer Selenium version (4.27).
- Include the whole HTTP message in the raised alerts.
- Include the steps to reproduce the DOM XSS in the other info of the alert.
- Do not request URLs explicitly excluded from the context or global excludes
- Depend on newer version of Common Library add-on.
Fixed
- Address false negatives through query parameters.
Added
- Standardized Scan Policy related alert tags on the rule.
Common Library version 1.29.0
Changed
- Dependency updates.
- Let the Value Generator add-on provide the custom values through this add-on (Issue 8016).
Added
- Policy tags for use with scan rules and the new Scan Policies add-on.
Fixed
- Be more lenient with the input used for providing values, to prevent exceptions.
Windows WebDrivers version 117
Changed
- Update ChromeDriver to 131.0.6778.204.
MacOS WebDrivers version 117
Changed
- Update ChromeDriver to 131.0.6778.204.
Linux WebDrivers version 117
Changed
- Update ChromeDriver to 131.0.6778.204.
Windows WebDrivers version 116
Changed
- Update ChromeDriver to 131.0.6778.87.
MacOS WebDrivers version 116
Changed
- Update ChromeDriver to 131.0.6778.87.