New Security Checks
- Added detection for Jenkins Secret as a Sensitive Data Exposure
Improvements
- API Discovery: changes to the setup configuration for the Invicti Network Traffic Analyzer
Fixes
- Fixed an error that was occurring when editing Report Policies
- Fixed the WMI spiking issue that was causing CPU 100% problems
- API Discovery: in certain cases, discovered APIs from Apigee were not properly shown
- Fixed the issue where the ServiceNow Integration fields were not loading while editing the integration
- Fixed the issue where clicking the clone button in the Jira integration incorrectly redirected to the create new integration page
- Fixed Chromium related issues in the agent
- Corrected the description of the "api/1.0/scans/test-scan-profile-credentials" endpoint
- Fixed the error when selecting a custom time period in the Dashboard Date Range
- Fixed the issue where temp folders could not be deleted and Chromium instances remained open when Puppeteer encountered an error
- Fixed the display issue on the Scan Summary page
- Fixed the false positive on detection of "Stack Trace Disclosure (Java)"
- Fixed a scan authentication issue and reduced latency
- Fixed the issue that was preventing the download of detailed PCI reports
- Fixed an issue related to the Moment.js regex
- Updated the OpenSSL configuration on the Cloud AMI
- Fixed the disk space issue in the Invicti Common folder
- Fixed the automatic syncing of issues with Jira integrations
- Fixed the issue where scans were failing due to a TLS connection not being established
- Fixed the OIDC authentication issue
- Fixed the issue where the REST API endpoint returned HTTP 400 instead of HTTP 200 when sending custom values
- Fixed the issue preventing proper login to the target URL