Home
/
Documentation
/
v23.9.1
Invicti Product Release Notes
Invicti Enterprise On-Demand
Invicti Enterprise On-Premises
Invicti Standard
Invicti Application Security Platform
28 Sep 2023

v23.9.1

New features

  • Added encoding for sensitive data
  • Added the option to enable CSRF checks for authenticated scans only
  • Added a sensitive data (password, session cookie, token etc.) encoder

New security checks

  • Added JQuery placeholder detection methods
  • Added a new security check for the Missing X-Content-Type-Options vulnerability

Improvements

  • Improved the JS Delivery CDN disclosure check to increase stability
  • Improved the remediation part for the Weak Ciphers Enabled vulnerability
  • Reduced the certainty value to 90 for the Robot Attack Detected vulnerability
  • Improved the detection method for CSP
  • Improved the detection method for the Dockerignore File Detected vulnerability
  • Improved the detection method for the Docker Cloud Stack File Detected vulnerability

Fixes

  • Improved our XSS capabilities
  • Fixed an NTLM login issue
  • Fixed a bug that was overwriting proxy settings in scan policies
  • Fixed a unique analyzer bug for the WSDL importer
  • Fixed a custom proxy bypass list issue