Important note
Customers currently using version 23.7.0 on Windows running internal agents will need to perform additional steps in order for this update to run successfully in their environment. Affected customers have been contacted directly with more information.
New features
- Added the option to set a Custom HTTP Authorization Header under Scan policy > HTTP > Request
- Adjusted agent download parameters to allow installation of internal scanner agents using docker client via Invicti registry service
- Changed compression tool from 7zip to Tar
New security checks
- Added new patterns to detect XSS
Improvements
- Improved detection and reporting of File Inclusion vulnerabilities
- Improved detection and reporting of Sensitive Data Exposure vulnerabilities
- Improved detection and reporting of Dockerfiles
Fixes
- Fixed incorrect reporting of outdated technology versions
- Fixed a bug that was preventing reports from being saved
- Fixed an issue that can cause too much browser user data to be left in the temp folder