Waymap v7.2.1 Patches Thread Safety Flaws and XXE Vulnerability in Web Scanner
Open-source web vulnerability scanner Waymap has released version 7.2.1, focusing entirely on stability improvements, security hardening, and bug fixes rather than new features. The update introduces a centralized ResultManager with file locking to prevent data corruption caused by concurrent writes from multiple scanning threads. A key security fix replaces Python's built-in XML parser with defusedxml, blocking potential XML External Entity (XXE) attacks in SQLi and CMDi payload files. Several scanning accuracy issues were also resolved, including incorrect payload injection into URLs, false positives on slow servers, and broken redirect detection on Windows systems. The release is available via pip or from source on GitHub under the TrixSec project.
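The entity rejection that the defusedxml switch relies on can be sketched with the standard library alone. This is an added example, not Waymap's or defusedxml's code; the `<payloads>`/`<payload>` layout, the function names and the sample strings are assumptions constructed for illustration.

```python
import xml.etree.ElementTree as ET
from xml.parsers import expat


class ForbiddenXML(ValueError):
    """Raised when a payload file declares an entity or external reference."""


def load_payloads(xml_text, forbid_dtd=False):
    """Return payload strings, refusing entity declarations (hypothetical format)."""
    builder = ET.TreeBuilder()
    parser = expat.ParserCreate()

    def on_doctype(name, sysid, pubid, has_internal_subset):
        if forbid_dtd:
            raise ForbiddenXML(f"DOCTYPE {name!r} is not allowed")

    def on_entity_decl(name, is_param, value, base, sysid, pubid, notation):
        kind = "external" if sysid else "internal"
        raise ForbiddenXML(f"{kind} entity {name!r} is not allowed")

    def on_external_ref(context, base, sysid, pubid):
        raise ForbiddenXML(f"external reference {sysid!r} is not allowed")

    # Exceptions raised inside expat handlers propagate out of Parse().
    parser.StartDoctypeDeclHandler = on_doctype
    parser.EntityDeclHandler = on_entity_decl
    parser.ExternalEntityRefHandler = on_external_ref
    parser.StartElementHandler = builder.start
    parser.EndElementHandler = builder.end
    parser.CharacterDataHandler = builder.data
    parser.Parse(xml_text, True)
    return [p.text for p in builder.close().iter("payload")]


def check(xml_text, **kwargs):
    """Return the payload list, or the rejection message if the file is refused."""
    try:
        return load_payloads(xml_text, **kwargs)
    except ForbiddenXML as exc:
        return str(exc)


# Constructed sample inputs, not taken from Waymap's payload files.
CLEAN = "<payloads><payload>sample-a</payload><payload>sample-b</payload></payloads>"
BODY = "<payloads><payload>&e;</payload></payloads>"
EXTERNAL = '<!DOCTYPE payloads [<!ENTITY e SYSTEM "file:///constructed/placeholder">]>' + BODY
INTERNAL = '<!DOCTYPE payloads [<!ENTITY e "aaaa">]>' + BODY
DTD_ONLY = "<!DOCTYPE payloads><payloads><payload>sample-c</payload></payloads>"
```

The declaration is refused before any entity reference in the body is reached, so a tampered payload file fails at load time instead of being expanded by the scanner.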
This is an AI-generated summary. ShortSingh links to the original source for the complete article.