VulnerableApp-1.11.0
✨ Newer Feature
- Addition of SSRF vulnerability to VulnerableApp
- Addition of Newer JWT Vulnerability level to include special Authorisation header Injection
🚀 Integrations
🔥 Removed code or files
- Removed Non Vulnerable Level in Persistent XSS
- Removal of redundant VulnerabilityType and VulnerabilitySubTypes
- Removal of all the deprecated fields in VulnerableAppRequestMapping annotation and ScannerResponseBean
🧪 Addition of Tests
- Adding unit test for controller exception handler
- Addition of unit test and small fixes in XSSInImgTagAttribute
- Addition of unit test and various other fixes in OpenRedirect Vulnerability
📝 Documentation update
- Updating Hint messages for SQLInjection
- Grammar update in Project usage document
- Grammar update in Readme
🐞 Fixes
- PathTraversalVulnerability issues with Spring-boot standalone builds
- SQL Injection DB connect issue
- Addition of Secure Variant in XXE
- Marking last level as Secure in CommandInjection
- OpenRedirect vulnerability bug in Spring-boot standalone build
- Updates in PersistentXSSInHTMLTagVulnerability
- Code smell fixes (#372 and #373)
Special thanks to contributors
- @priyanka010392
- @1411dolly0
- @Monoradioactivo
- @KelvinTran6
- @SampathKumarAmex
- @jpralle
- @ehizman
- @shammer0
- @hks1
- @Emelie4
- @merry-degaga
- @NMV01
- @gled02
Special thanks for finding crucial issues
Full Changelog: 1.10.0...1.11.0