Invicti Standard 13 Dec 2023 v23.12.0.43017

New features

  • Added CVSS 4.0 categorization of vulnerabilities
  • Added support for PCI DSS 4.0
  • Added new messaging for when scans fail due to mistyped http/https protocols

 New security checks

  • Added new HSQLDB vulnerabilities and report templates
  • Added new Typo3 vulnerabilities and report templates


  • Improved the vulnerability calculator for Boolean MongoDB
  • Improved the signature for .dockerignore file detected issues
  • Improved the request body rating algorithm
  • Improved the signature for Joomla detection
  • Improved the signature for other docker-related signatures
  • Improved the Postman collection parsing algorithm
  • Resolved an issue with adding a client certificate to set up a scan
  • Added logs for better traceability of BLR playbacks


  • Fixed the NRE in the agent log if any authentication is adjusted
  • Fixed an issue that was causing verifiers to not use scan policy proxy settings
  • Fixed an auth verifier client certificate authentication path error