Invicti Standard 11 May 2023 v23.5.0.40516

New security checks

  • Added new security check for LDAP injection for IAST.
  • Added new security check for MongoDB injection.
  • Added new security check for Server-side Template Injection for IAST.
  • Added new security check for XPath injection for IAST.
  • Implemented security check for Sensitive Data Exposure.

Improvements

  • Improved the text parser to check URI before parsing.
  • Added the Response Receiver information event to remove waiting time for requests.
  • Improved the GraphQL Introspection query.

Fixes

  • Fixed an issue that caused a bad CSRF token when confirming Cross-site Scripting.
  • Fixed an issue that caused an argument null exception when the browser context was closed.
  • Fixed the issue that is filling out the login form on the logout page during the login verification.
  • Fixed the issue of changing the order of API parameters while importing the JSON file.
  • Fixed the dark template issue that displayed the What’s New section in the light template.
  • Fixed the vulnerability signature types for Cloudflare and Cdnjs.