v23.12.0 - 13 December 2023

This update includes changes to the internal agents. The internal scan agent’s current version is 23.12.0. The internal authentication verifier agent’s current version is 23.12.0.

New features

• Added CVSS 4.0 categorization of vulnerabilities
• Added support for PCI DSS 4.0

Improvements

• Added descriptions to the agent warning messages on the Scan Summary page
• Updated messaging around the functionality of the Team Administrator role
• Improved the request body rating algorithm
• Improved the Postman collection parsing algorithm
• Resolved an issue with adding a client certificate to set up a scan
• Improved the vulnerability calculator for Boolean MongoDB

Fixes

• Fixed an issue with the agent auto-updater
• Added a missing control for SSO users while editing members
• Fixed a bug in the communication between Invicti and ServiceNow
• Fixed a bug that was preventing administrators from creating new notifications or editing built-in notifications
• Fixed an issue that was causing verifiers to not use scan policy proxy settings
• Fixed an auth verifier client certificate authentication path error
• Fixed the Invicti crawler that wasn't getting JS endpoints correctly