Invicti Product Release Notes
13 Dec 2023
v23.12.0
New features
- Added CVSS 4.0 categorization of vulnerabilities
- Added support for PCI DSS 4.0
- Added new messaging for when scans fail due to mistyped http/https protocols
New security checks
- Added new HSQLDB vulnerabilities and report templates
- Added new Typo3 vulnerabilities and report templates
Improvements
- Improved the vulnerability calculator for Boolean MongoDB
- Improved the signature for .dockerignore file detected issues
- Improved the request body rating algorithm
- Improved the signature for Joomla detection
- Improved the signature for other docker-related signatures
- Improved the Postman collection parsing algorithm
- Resolved an issue with adding a client certificate to set up a scan
- Added logs for better traceability of BLR playbacks
Fixes
- Fixed the NRE in the agent log if any authentication is adjusted
- Fixed an issue that was causing verifiers to not use scan policy proxy settings
- Fixed an auth verifier client certificate authentication path error