Invicti Standard 23 Dec 2021 v6.3.033782

NEW FEATURES

NEW SECURITY CHECKS

  • Added Identified, Version Disclosure, and Out-of-date security checks for Atlassian Jira.
  • Added Stack Trace Disclosure Signature for Java.
  • Added Shopify Identified Security Check.

IMPROVEMENTS

  • Updated Invicti Standard .NET Framework version from 4.7.2 to 4.8.
  • Allowed hyphens to be entered in the proxy address in the Proxy Settings.
  • Enabled listing of all child controlled scan parameters in the Sitemap parent node.
  • Changed classification for Cross-site Referrer Leakage and Breach in OWASP Top Ten 2021.
  • Changed CryptographicException error log type.
  • Added a condition so that the DOM simulation stops when the max crawling link is reached.
  • Updated Version Disclosure Signature for Apache Coyote.
  • Added a callback flag to prevent multiple triggers of the DOM parser view callback.
  • Improved the importing of RAML files that include other files.
  • Added tags property to the Kenna Send to Action.
  • Updated the Freshservice integration so that it does not send the user agent header.
  • Updated Version Disclosure Signature for Jolokia.
  • Improved how the Form Values are entered into the relevant sections during the form authentication process in the React environment.
  • Improved the login verification process by detecting page load properly.

FIXES

  • Fixed an issue that created an incorrect issue link in Bitbucket Integration.
  • Fixed an issue that occurred when the proxy information from the Proxy Auto-Configuration file could not be transmitted in requests made by the browser.
  • Fixed the null reference error (NRE) that occurred when importing paused or canceled scan files.
  • Fixed an issue where the total response time was calculated incorrectly.
  • Fixed the bug related to Send To action of Kenna integration.
  • Fixed the Jolokia version disclosure report to properly highlight the related lines.
  • Fixed the OWASP classification links.
  • Fixed an issue where a vulnerability was not shown when sorted by Vulnerability Type although it was shown when sorted by Severity.
  • Fixed the misleading tooltip in Scan Policy – Security Checks.
  • Fixed the misaligned text on the PDF version of Executive Summary Report.
  • Fixed an issue where Invicti Standard did not show an out-of-scope warning when an out-of-scope link was imported.
  • Fixed the inconsistent vulnerability count between reports and status bar.
  • Fixed the manual authentication issue when links are imported from URL.
  • Fixed the Sitemap multilevel group count.
  • Fixed Scan Policy security check count.
  • Fixed a naming issue that occurred when a new custom report name contains a dot.
  • Fixed an issue that occurred while changing the Data Directory option on the Storage tab.
  • Fixed the issue that external references were not rendered correctly.