Invicti Standard 09 Mar 2015


  • Fixed a critical bug which crashes DOM Parser and DOM XSS processes on Windows 8.1 systems with KB3000850 update installed

  • Fixed a bug in recrawler where the current concurrent connection count isn’t honored

  • Fixed a bug in multipart/form-data parser to read parameter names with semicolons correctly

  • Fixed a bug in multipart/form-data parser to recognize the request body even if there are no parameters present

  • Fixed a bug where a form with multipart/form-data encoding type is incorrectly parsed with a POST method rather than a GET

  • Fixed an issue with DOM Parser to better simulate radio/check boxes with click event handlers attached

  • Fixed an issue with HTTP request parser to recognize the correct HTTP method with POST requests containing an empty request body

  • Fixed an issue where Content-Length header is not set to 0 with empty request bodies

  • Fixed an issue where some requests discovered using DOM Parser with POST HTTP method are recognized as GET requests

  • Fixed an issue with ASP.NET View State response viewer to show the View State data on cases where id attribute of input tag is missing

  • Fixed an ASP.NET View State parser issue occurs while reading .NET 1.x View States