Invicti Standard 23 Jan 2020


  • Added Reflected Parameter and matched sensitive keyword names to the Breach Attack vulnerability report
  • Additional websites information will now display ‘None’ in reports when there are no additional websites set for a scan


  • Fixed the JSON Metadata Regex check  to match the whole JSON object instead of each part separately
  • Fixed responses with a ‘201’ status code so that they are ignored by the  OAuth2 authentication flow
  • Fixed an issue where ignored parameters were displayed as attack parameters in reports
  • Fixed an issue where reporting options were not being applied in scheduled scans
  • Fixed a memory and GDI object leak in the Imported Links dialog
  • Fixed an OutOfMemoryException that was thrown while generating reports
  • Fixed an ArgumentOutOfRangeException in CsrfEngine that was thrown when form instance contained a negative start index
  • Fixed an issue where incorrect links were being captured from JavaScript contexts