Professional 1.6.03

This release includes a new engine for static analysis of JavaScript code. This enables Burp Scanner to report a range of new vulnerabilities, including:

• DOM-based XSS
• JavaScript injection
• Client-side SQL injection
• WebSocket hijacking
• Local file path manipulation
• DOM-based open redirection
• Cookie manipulation
• Ajax request header manipulation
• DOM-based denial of service
• Web message manipulation
• HTML5 storage manipulation

For more details, see the blog post.