Added auto-GraphQL attack after endpoint is detected.
Added request wait filter for request wait handler.
NEW SECURITY CHECKS
Added MongoDB Time-based (Blind) Injection.
Added SQLite Boolean SQL Injection.
Added MongoDB Error-based Injection.
IMPROVEMENTS
Updated the embedded browser.
Updated the hardcoded scan policy for http://rest.testinvicti.com.
Added the out-of-scope check for the target website content links.
Updated the Check for VDB Update status and tooltip shown when users start the update check.
Updated Vulnerability Detection Logic in JWT engine.
Updated Liferay portal signature and added a mapping for version conversion.
FIXES
Fixed the web security issue for the origin header problem.
Fixed the sitemap bug that caused missing information when imported.
Fixed the bug that threw an error when exporting as SQL script.
Fixed the bug that threw an error because HTTP Requester deleted the whole body of the request, which contains the login credentials.
Fixed multiple headers highlighting for the same value.
Fixed the issue with highlighting CSP directives in different headers.
Fixed duplicate bearer tokens for some requests.
Fixed the out-of-memory bug at the browser manager.
Fixed the null reference exception on the custom script screen.
Fixed the connection time-out issue caused by the RegEx engine.
Fixed an issue that resulted in false positive Cross-site Scripting (DOM-based).
Fixed the retest issue that displayed zero requests in repeated retests.
Fixed the bug that showed the previous version of VDB.
Fixed parsable false attack patterns place.