Invicti Standard 06 Sep 2023 v23.9.0

New feature

  • We’ve added the ability to set proxy configurations to Docker Agent as an environment variable when creating a container


  • Disabled caching from the boolean-based MongoDB security engine to avoid possible false positives
  • Improved the content-type exemption for non-HTML content types in the CSP engine
  • Improved the typehead.js check to increase stability
  • Removed the X-XSS-Protection header check because it is deprecated by modern browsers
  • Fixed a scan coverage issue
  • Improved the remediation part for the JetBrains .idea detected vulnerability
  • Added functionalities to prevent bot detection and fixed an issue that was causing cookie loss after authentication


  • Fixed the update agent command that was not working correctly
  • Fixed the internal Linux v23.7 AV agent that wasn’t sending header configurations
  • Encrypted the proxy password used in the scan policy file
  • Fixed an issue with missing links when importing a .nss file from Invicti into Acunetix 360
  • Fixed the external SOAP web service import problem
  • Fixed a custom script issue so that now passwords written to the logs are encrypted
  • Fixed an issue that might cause broken functionality for popup pages
  • Fixed an issue where vulnerabilities could not be generated as CloudFlare WAF rules via API
  • Fixed a bug with Multiple Declarations in the X-Frame-Options Header
  • Fixed a localized time issue in the Files area
  • Fixed a problem that was causing default values to be filled incorrectly, resulting in false negatives