Netsparker is now Invicti

Get a demo

100% Signal 0% Noise

Get a demo

Get a demo

Product
Why Us?
Pricing
About Us
Resources
- Blog
- Live Trainings
- Podcasts
- Invicti Learn
- Resource Library
- Partners
  - Channel
  - MSSP
- Documentation

Home / Documentation / Invicti Standard release notes / 08 Jul 2025

Product Release Notes

Invicti Product Release Notes

Invicti Enterprise On-Demand
Invicti Enterprise On-Premises
Invicti Standard

08 Jul 2025

Invicti Standard 08 Jul 2025 v25.7.0

Security checks

Added a new CVE check for CVE-2019-19326
Added a new XSS attack for CVE-2024-11831

Improvements

Improved XSS detection to reduce noise
Increased the timeout duration for IAST responses to prevent premature failures
Implemented an enhancement to capture the token information present in the response during the OAuth2 Implicit Flow
Implemented an enhancement to enable more effective cookie management when HTTP/2 is enabled
Updated dependencies with known vulnerabilities
Improved prototype-pollution detection to reduce noise

Resolved issues

Enhanced support for using multiple secrets simultaneously within a single custom header
Resolved an issue where duplicate X-Content-Type-Options headers triggered false missing header reports
A fix was implemented to prevent the application from crashing due to faulty custom scripts
Addressed an issue encountered during report policy migration
Corrected the MOVEit SQLi check to avoid reporting an incorrect version

Invicti Security Corp
1000 N Lamar Blvd Suite 300
Austin, TX 78703, US

© Invicti 2025

RESOURCES
USE CASES
WEB SECURITY
COMPARISON
COMPANY
- About Us
- Contact Us
- Documentation
- Careers
- Resources
- Partners

© Invicti 2025

Compliance
Legal
Privacy Policy
California Privacy Rights
Terms of Use
Accessibility
Sitemap

By using this website you agree with our use of cookies to improve its performance and enhance your experience. More information in our Privacy Policy.