Invicti Product Release Notes
06 Sep 2023
v23.9.0
New feature
- We’ve added the ability to set proxy configurations to Docker Agent as an environment variable when creating a container
Improvements
- Disabled caching from the boolean-based MongoDB security engine to avoid possible false positives
- Improved the content-type exemption for non-HTML content types in the CSP engine
- Improved the typehead.js check to increase stability
- Removed the X-XSS-Protection header check because it is deprecated by modern browsers
- Fixed a scan coverage issue
- Improved the remediation part for the JetBrains .idea detected vulnerability
- Added functionalities to prevent bot detection and fixed an issue that was causing cookie loss after authentication
Fixes
- Fixed the update agent command that was not working correctly
- Fixed the internal Linux v23.7 AV agent that wasn’t sending header configurations
- Encrypted the proxy password used in the scan policy file
- Fixed an issue with missing links when importing a .nss file from Invicti into Acunetix 360
- Fixed the external SOAP web service import problem
- Fixed a custom script issue so that now passwords written to the logs are encrypted
- Fixed an issue that might cause broken functionality for popup pages
- Fixed an issue where vulnerabilities could not be generated as CloudFlare WAF rules via API
- Fixed a bug with Multiple Declarations in the X-Frame-Options Header
- Fixed a localized time issue in the Files area
- Fixed a problem that was causing default values to be filled incorrectly, resulting in false negatives