v23.9.0

New feature

• We’ve added the ability to set proxy configurations to Docker Agent as an environment variable when creating a container

Improvements

• Disabled caching from the boolean-based MongoDB security engine to avoid possible false positives
• Improved the content-type exemption for non-HTML content types in the CSP engine
• Improved the typehead.js check to increase stability
• Removed the X-XSS-Protection header check because it is deprecated by modern browsers
• Fixed a scan coverage issue
• Improved the remediation part for the JetBrains .idea detected vulnerability
• Added functionalities to prevent bot detection and fixed an issue that was causing cookie loss after authentication

Fixes

• Fixed the update agent command that was not working correctly
• Fixed the internal Linux v23.7 AV agent that wasn’t sending header configurations
• Encrypted the proxy password used in the scan policy file
• Fixed an issue with missing links when importing a .nss file from Invicti into Acunetix 360
• Fixed the external SOAP web service import problem
• Fixed a custom script issue so that now passwords written to the logs are encrypted
• Fixed an issue that might cause broken functionality for popup pages
• Fixed an issue where vulnerabilities could not be generated as CloudFlare WAF rules via API
• Fixed a bug with Multiple Declarations in the X-Frame-Options Header
• Fixed a localized time issue in the Files area
• Fixed a problem that was causing default values to be filled incorrectly, resulting in false negatives