Changelogs

Invicti Standard

v25.1.1 - 28 Jan 2025

This release includes improvements and resolved issues.

New security checks

  • Added detection of cookieconsent2 as a technology in the Vulnerability Database (VDB)

Improvements

  • Added the ability to replace placeholders in browser for Authorization Headers
  • Improved report template of JWT Signature is not verified vulnerability

Resolved issues

  • Fixed tar file import error by addressing the invalid HAR file syntax, which was causing the web app to disclose the local path of the OnDemand web app machine in the error message
  • Fixed an issue where importing a .proto file produced duplicated links

v25.1.0 - 14 Jan 2025

This release includes improvements and resolved issues.

Improvements

  • Redirected support email addresses to the http://support.invicti.com/ link
  • Updated Chromium from version 121 to version 131 for enhanced performance and compatibility
  • Enhanced detection accuracy for Weak Ciphers Enabled by analyzing false positives

Resolved issues

  • Resolved the “Internal Server Error” encountered on the Invicti scans/report API endpoint after enabling the “Prevent any sensitive information showing within the product” setting
  • Resolved the issue where the Agent Verifier was encountering errors when using certificates in a Linux environment
  • Resolved a coverage issue where the login page reappeared during scans

v24.12.1 - 12 Dec 2024

This release includes an improvement to scanning gRPC API Web Services and bug fixes.

Improvements

  • Added new paths to forced browsing
  • Updated the vulnerability template for the Internal Server Error vulnerability
  • Improved Insecure HTTP Usage detection

v24.12.0 - 03 Dec 2024

This release includes an improvement to scanning gRPC API Web Services and bug fixes.

New Security Checks

  • Added detection of Google Tag Manager as a technology in the Vulnerability Database (VDB)

Improvements

  • Invicti Standard Agent upgraded to .NET 8 for improved performance and compatibility
  • Improved analysis and remediation capabilities for [Possible] Server-Side Template Injection vulnerabilities

Fixes

  • Fixed a missing proxy implementation for ICBD and Puppeteer
  • Fixed an issue where Retest-type scans did not identify the same vulnerabilities detected during full scans
  • Fixed high CPU usage in some agents caused by Chromium
  • Fixed an issue where the Misconfigured Access-Control-Allow-Origin Header vulnerability was not detected
  • Improved detection of the [Possible] Password Transmitted over Query String vulnerability

v24.11.0 - 12 Nov 2024

This release includes an improvement to scanning gRPC API Web Services and bug fixes.

Improvements

  • Multiple .proto files can now be used for scanning gRPC API Web Services

Fixes

  • Fixed an issue where uploading a .proto file caused a “No links found in the file” error
  • Fixed missing request/response details for some out-of-band vulnerabilities

v24.10.1 - 30 Oct 2024

This release includes new security checks and bug fixes.

New Security Checks

Fixes

  • Fixed a bug that was disabling the skip scan phase option

v24.10.0 - 08 Oct 2024

This release includes new security checks, improvements, and bug fixes.

New Security Checks

Improvements

  • Added ‘save as new’ and ‘overwrite’ options when importing scans
  • Reporting improvements for the “Unknown Option Used In Referrer-Policy” vulnerability
  • Added the ability to export/import scan profiles and scan policies between different instances of Invicti Standard

Fixes

  • Various fixes for the verifiers
  • Out-of-date version for Boolean Based MongoDB Injection is now reported correctly

v24.9.1 - 24 Sep 2024

This release includes a new security check and a bug fix.

New Security Checks

  • Added XWiki version disclosure vulnerability and attack patterns

Fixes

  • Fixed the false negative issue related to Polyfill.io
  • Fixed an issue related to creating a custom script for a web application using the OIDC method with a login pop-up

v24.9.0 - 10 Sep 2024

This release includes new security checks, an improvement, and a bug fix.

New Security Checks

  • Adjusted the severity of SSLv3 and TLS 1.0 vulnerabilities to reflect their security risks
  • Added support for CSP frame-ancestors
  • Added detection for CVE-2024-6297, affecting several WordPress plugins

Improvements

  • Pre-request script now works in DOM as well

Fixes

  • Resolved an issue with a pre-request script that was affecting crawling functionality

v24.8.1 - 27 Aug 2024

This release includes new security checks, improvements, and bug fixes.

New Security Checks

  • Added detection for Jenkins Secret as a Sensitive Data Exposure

Improvements

  • Started to utilize the Microsoft Azure Trusted Signing service for code signing of Invicti Standard

Fixes

  • Fixed chromium-related issues in the agent
  • Fixed the issue where temp folders could not be deleted and Chromium instances remained open when Puppeteer encountered an error
  • Fixed the false positive on detection of “Stack Trace Disclosure (Java)”
  • Fixed an issue related to the Moment.js regex
  • Fixed the OIDC authentication issue
  • Fixed the issue where the REST API endpoint returned HTTP 400 instead of HTTP 200 when sending custom values
  • Fixed the issue preventing proper login to the target URL

v24.8.0 - 13 Aug 2024

This release includes new security checks, improvements, and bug fixes.

New Security Checks

  • Incorporated the reporting of sensitive information disclosures from Okta
  • Added a check for Authentication bypass in Fortra’s GoAnywhere MFT (CVE-2024-0204)
  • Added a check for OpenSSH server RCE (CVE-2024-6387)
  • Added a check for cached pages that contain sensitive data (CWE-525)

Improvements

  • Resolved an issue where scans were failing due to the TLS connection not being established

Fixes

  • Resolved a problem that was causing scans to become stuck

v24.7.1 - 25 Jul 2024

This release includes improvements and a bug fix.

Improvements

  • Disabled the detection of CSRF vulnerabilities from built-in policies
  • Added custom header support for SSRF registration

Fixes

  • Fixed an issue related to BLR links