Invicti Standard 16 Nov 2023 v23.11.0.42728

New features

  • Added an option under New Scan Policy > Ignored Parameters to allow customers to set ‘Cookie’ as a type of ignored parameter

New security checks

  • Added new checks for the WordPress Login with Phone Number Plugin: CVE-2023-23492
  • Added new checks for the WordPress JupiterX Core Plugin: CVE-2023-38389, CVE-2023-38388


  • Added support for custom authentication tokens without token type
  • Improved LFI attack patterns for better accuracy
  • Fixed some vulnerabilities in the Docker image
  • Stricter sensitive data rules
  • Improved bot detection bypass scenarios


  • Fixed custom header values in scan profiles so that they are masked
  • Docker Cloud Stack check has been updated to reduce noise
  • Fixed an issue with adding configuration files to scan profiles
  • SSL/TLS classification updated from CWE-311 to CWE-319