Invicti Product Release Notes
17 Jan 2023
23.1.0
Improvements
- Added control for login and logout during vulnerability retest.
- Added auto responder for images to escape the onerror issue.
Fixes
- Fixed an issue that overrode TLS settings available in the scan policy when the Ignore SSL Certificate Errors is set to True in the Appsetting.json file.
- Fixed a bug that throws a null reference exception at the authentication.
- Fixed missing CSP 3 Directive.
- Fixed an issue about 3-legged OAuth which cause failed authentication at scan.
- Fixed the scheduled scans not being exported issue to Invicti Enterprise.
- Fixed an issue about header encoding that cause false positive CSP reporting.
- Fixed the bug on the Interactive Login page where the Ok and Pause buttons are not available.
- Fixed case sensitivity when checking HTTP headers for JSON Web Tokens.
- Fixed the IPv6 registered website resolution issue thrown before scanning.
- Improved the vulnerability database updating process to enable it to use a proxy.
- Fixed a bug that prevents the scanner from attacking to login and logout pages.
- Fixed the bug in which OAuth2 settings were not transferred properly from the web application to the agent.