Home
/
Documentation
/
v23.11.0
Invicti Product Release Notes
Invicti Enterprise On-Demand
Invicti Enterprise On-Premises
Invicti Standard
Invicti Application Security Platform
16 Nov 2023

v23.11.0

New features

  • Added an option under New Scan Policy > Ignored Parameters to allow customers to set 'Cookie' as a type of ignored parameter

New security checks

  • Added new checks for the WordPress Login with Phone Number Plugin: CVE-2023-23492
  • Added new checks for the WordPress JupiterX Core Plugin: CVE-2023-38389, CVE-2023-38388

Improvements

  • Added support for custom authentication tokens without token type
  • Improved LFI attack patterns for better accuracy
  • Fixed some vulnerabilities in the Docker image
  • Stricter sensitive data rules
  • Improved bot detection bypass scenarios

Fixes

  • Fixed custom header values in scan profiles so that they are masked
  • Docker Cloud Stack check has been updated to reduce noise
  • Fixed an issue with adding configuration files to scan profiles
  • SSL/TLS classification updated from CWE-311 to CWE-319