Skip to content

DOM XSS Active scanner rule version 20

Latest
Compare
Choose a tag to compare
@zapbot zapbot released this 23 Dec 15:08
· 12 commits to main since this release
22a8808

Changed

  • Address deprecation warnings with newer Selenium version (4.27).
  • Include the whole HTTP message in the raised alerts.
  • Include the steps to reproduce the DOM XSS in the other info of the alert.
  • Do not request URLs explicitly excluded from the context or global excludes
  • Depend on newer version of Common Library add-on.

Fixed

  • Address false negatives through query parameters.

Added

  • Standardized Scan Policy related alert tags on the rule.