Invicti Enterprise On-Demand 07 May 2024 v24.5.0

This update includes changes to the internal agents. The internal scan agent’s current version is 24.5.0. The internal authentication verifier agent’s current version is 24.5.0.

New Security Checks

  • Added detection method for Angular
  • Added a new security check for Oracle EBS RCE

Improvements

  • Updated all IAST sensors to support Java 17 and 21

Fixes

  • Fixed an issue with the detection method for wp-admin vulnerabilities
  • Fixed the issue where scan profiles could not be created through automation tools, Postman, or through the Invicti API Documentation page
  • Fixed the issue with scans that were stuck in ‘Delayed’ or ‘Archiving’ status
  • Fixed an issue that was occurring with the Jira Integration when the Jira URL was set as Localhost
  • Fixed a scan authentication issue and a crawling issue with Cloud Agents
  • Fixed an issue that was occurring when websites were added with both http and https protocols
  • The scan report pdf file name now includes the time and date when it is delivered via the scan completed notification
  • Fixed the 504 error that was appearing when running the Scans_NewWithProfile endpoint
  • Fixed a bug that was preventing retest scans from launching
  • Fixed an issue with the scan data import from Invicti Enterprise to Invicti Standard
  • Fixed the HTTP 401 forbidden response form authentication error
  • Fixed a scan issue that was producing 413 error responses