Home
/
Documentation
/
v23.12.0
Invicti Product Release Notes
Invicti Enterprise On-Demand
Invicti Enterprise On-Premises
Invicti Standard
Invicti Application Security Platform
13 Dec 2023

v23.12.0

New features

  • Added CVSS 4.0 categorization of vulnerabilities
  • Added support for PCI DSS 4.0
  • Added new messaging for when scans fail due to mistyped http/https protocols

New security checks

  • Added new HSQLDB vulnerabilities and report templates
  • Added new Typo3 vulnerabilities and report templates

Improvements

  • Improved the vulnerability calculator for Boolean MongoDB
  • Improved the signature for .dockerignore file detected issues
  • Improved the request body rating algorithm
  • Improved the signature for Joomla detection
  • Improved the signature for other docker-related signatures
  • Improved the Postman collection parsing algorithm
  • Resolved an issue with adding a client certificate to set up a scan
  • Added logs for better traceability of BLR playbacks

Fixes

  • Fixed the NRE in the agent log if any authentication is adjusted
  • Fixed an issue that was causing verifiers to not use scan policy proxy settings
  • Fixed an auth verifier client certificate authentication path error