🚀 Invicti Acquires Kondukto to Deliver Proof-Based Application Security Posture Management
100% Signal 0% Noise
Platform
Platform Overview
ASPM
API Security
DAST
SAST
SCA
Container Security
AI-Powered AppSec
Features
Pricing
Why Invicti
About Us
Case Studies
Contact Us
Resources
Resource Library
Blog
Webinars
White Papers
Podcasts
Case Studies
Invicti Learn
Live Training
Partners
Support
Get a demo
Home
/
Documentation
/
3-Nov-2016
Invicti Product Release Notes
Invicti Enterprise On-Demand
Invicti Enterprise On-Premises
Invicti Standard
Invicti Application Security Platform
03 Nov 2016

3-Nov-2016

New Technical Check

  • Added "Cookie Header Contains Multiple Cookies" check

Improvements

  • Improved the Content Security Policy (CSP) and "Misconfigured Access-Control-Allow-Origin Header" vulnerability templates.
  • Improved CSP vulnerability detection by only reporting vulnerabilities on HTML resources.
  • Improved the coverage of the boolean SQL injection vulnerability engine.

Fixes

  • Fixed an issue which was preventing the deletion of multiple websites.
  • Fixed the External CSS, Script and Frame Knowledge Base items which were not considering the port during checks.
  • Fixed an issue in the Open Redirect detection where incorrect URLs may also be reported.
  • Fixed an issue related to the form authentication which prevents logout detection during attacking phase.
  • Fixed an Local File Inclusion (LFI) vulnerability detection issue when attacked with a FullUrl payload.
  • Fixed an incorrect retest result which occurs when the target website is not reachable.
  • Fixed a CSP vulnerability issue for deprecated CSP header name on meta tags.
Invicti Security Corp
1000 N Lamar Blvd Suite 300
Austin, TX 78703, US
© Invicti {year}
Resources
FeaturesIntegrationsPlansCase StudiesRelease NotesInvicti Learn
Use Cases
Penetration Testing SoftwareWebsite Security ScannerEthical Hacking SoftwareWeb Vulnerability ScannerComparisonsOnline Application Scanner
Web Security
The Problem with False PositivesWhy Pay for Web ScannersSQL Injection Cheat SheetGetting Started with Web SecurityVulnerability IndexUsing Content Security Policy to Secure Web Applications
Comparison
Acunetix vs. InvictiBurp Suite vs. InvictiCheckmarx vs. InvictiProbely vs. InvictiQualys vs. InvictiTenable Nessus vs. Invicti
Company
About UsContact UsSupportCareersResourcesPartners

Invicti Security is changing the way web applications are secured. Invicti’s dynamic and interactive application security products help organizations in every industry scale their overall security operations, make the best use of their security resources, and engage developers in helping to improve their overall security posture.

LegalPrivacy PolicyCalifornia Privacy RightsTerms of UseAccessibilitySitemap
Privacy Policy