Now you can enter multiple IP addresses and IP ranges into the IP Address Restrictions setting. Previously, only single-entry IP addresses were permitted.
Added TLS certificate authentication as an option when integrating with HashiCorp Vault. Previously, we only supported token authentications.
The default compression format for log files is now .tar instead of 7zip
Improvements
Disabled caching from the boolean-based MongoDB security engine to avoid possible false positives
Improved the content-type exemption for non-HTML content types in the CSP engine
Improved the typehead.js check to increase stability
Removed the X-XSS-Protection header check because it is deprecated by modern browsers
Added functionalities to prevent bot detection and fixed an issue that was causing cookie loss after authentication
Improved the remediation part for the JetBrains .idea detected vulnerability
Fixes
Fixed a bug that was stopping the certificate authentication process from working correctly for Authverifiers
Fixed a boolean-based MongoDB Injection that was causing false positives in scan reports
Fixed the incorrect display of vulnerabilities when importing scan results from Invicti Standard to Invicti Enterprise
Fixed a bug that was preventing the editing of internal website URLs
Fixed the character validity issue so that user names with Danish characters can now be edited in the UI
Fixed a bug that was allowing access to the UI via the back button after the user had signed out
Fixed the Discovery Main Domains Filter Expression that was not working properly for some domains
Fixed an issue that was causing tags to be duplicated when a website was imported using a CSV file
Fixed the update agent command that was not working correctly
Fixed the internal Linux v23.7 AV agent that wasn’t sending header configurations
Encrypted the proxy password used in the scan policy file
Fixed a scan coverage issue
Fixed the external SOAP web service import problem
Fixed a custom script issue so that now passwords written to the logs are encrypted
Fixed an issue where vulnerabilities could not be generated as CloudFlare WAF rules via API
Fixed a problem that was causing default values to be filled incorrectly, resulting in false negatives
By using this website you agree with our use of cookies to improve its performance and enhance your experience. More information in our Privacy Policy.
