Invicti Product Release Notes
28 Sep 2023
v23.9.1
New features
- Added encoding for sensitive data
- Added the option to enable CSRF checks for authenticated scans only
- Added a sensitive data (password, session cookie, token etc.) encoder
New security checks
- Added JQuery placeholder detection methods
- Added a new security check for the Missing X-Content-Type-Options vulnerability
Improvements
- Improved the JS Delivery CDN disclosure check to increase stability
- Improved the remediation part for the Weak Ciphers Enabled vulnerability
- Reduced the certainty value to 90 for the Robot Attack Detected vulnerability
- Improved the detection method for CSP
- Improved the detection method for the Dockerignore File Detected vulnerability
- Improved the detection method for the Docker Cloud Stack File Detected vulnerability
Fixes
- Improved our XSS capabilities
- Fixed an NTLM login issue
- Fixed a bug that was overwriting proxy settings in scan policies
- Fixed a unique analyzer bug for the WSDL importer
- Fixed a custom proxy bypass list issue