May 7, 2024
v24.5.0 - 7 May 2024
This update includes changes to the internal agents. The internal scan agent’s current version is 24.5.0. The internal authentication verifier agent’s current version is 24.5.0.
New Security Checks
- Added detection method for Angular
- Added a new security check for Oracle EBS RCE
Improvements
- Updated all IAST sensors to support Java 17 and 21
Fixes
- Fixed an issue with the detection method for wp-admin vulnerabilities
- Fixed the issue where scan profiles could not be created through automation tools, Postman, or through the Invicti API Documentation page
- Fixed the issue with scans that were stuck in 'Delayed' or 'Archiving' status
- Fixed an issue that was occurring with the Jira Integration when the Jira URL was set as Localhost
- Fixed a scan authentication issue and a crawling issue with Cloud Agents
- Fixed an issue that was occurring when websites were added with both http and https protocols
- The scan report pdf file name now includes the time and date when it is delivered via the scan completed notification
- Fixed the 504 error that was appearing when running the Scans_NewWithProfile endpoint
- Fixed a bug that was preventing retest scans from launching
- Fixed an issue with the scan data import from Invicti Enterprise to Invicti Standard
- Fixed the HTTP 401 forbidden response form authentication error
- Fixed a scan issue that was producing 413 error responses