New DAST Detections

We’ve enhanced our detection capabilities with the addition of three new plug-ins. As always, if you require any more information on this topic or want to see what unexpected vulnerabilities AppCheck can pick up in your website and applications then please contact us: info@localhost.

Continuing our trajectory of the worlds leading DAST scanner, here is a round up of this week’s new detections. These new plug-ins detect the below:

  • Flask cookies: Flask uses signed cookies to ensure that the data stored within cannot be tampered with by a client. However, if these cookies are signed with a weak key, several risks arise, such as cookie tampering, session hijacking, and privilege escalation. This can occur when a key is weakened by being too short, easily guessable or including common words.
  • JupyterLab new version detections: This plug-in identifies the version of JupyterLab an reports on any vulnerabilities for the detected version.
  • LDAP Injection: This is a type of injection attack that allows attackers to manipulate Lightweight Directory Access Protocol (LDAP) queries made to an LDAP server. Successful injections can lead to unauthorised access to sensitive information, bypassing authentication or executing arbitrary commands on said server.

 

Benefits this feature provides:

  • Further detection capability available through the scanner.

 

Screenshots:

 

Other recent product updates include:

 

Additional Information

As always, if you require any more information on this topic or want to see what unexpected vulnerabilities AppCheck can pick up in your website and applications then please contact us: info@localhost

 

About AppCheck

AppCheck is a software security vendor based in the UK, offering a leading security scanning platform that automates the discovery of security flaws within organisations websites, applications, network, and cloud infrastructure. AppCheck are authorized by the Common Vulnerabilities and Exposures (CVE) Program as a CVE Numbering Authority (CNA).

Get started with Appcheck

No software to download or install.

Contact us or call us 0113 887 8380

About Appcheck

AppCheck is a software security vendor based in the UK, offering a leading security scanning platform that automates the discovery of security flaws within organisations websites, applications, network and cloud infrastructure. AppCheck are authorized by te Common Vulnerabilities and Exposures (CVE) Program aas a CVE Numbering Authority (CNA)

No software to download or install.
Contact us or call us 0113 887 8380

Start your free trial

Your details
IP Addresses
URLs

Get in touch