v25.3.0 - 11 March 2025

This update includes changes to the internal agents. The internal scan agent’s current version is 25.3.0. The internal authentication verifier agent’s current version is 25.3.0.

Improvements

• Enhanced technology version identification from URI
• Improved reporting of multiple technology detections on the same file
• Scheduled group scans will be initiated in chunks when exceeding 500 websites
• Updated footer URL in Invicti Enterprise reports
• The SelfDisable command is no longer sent to the Agent when its state is updated to Disabled
• Upgraded 3rd party script libraries
• Added support for encrypting proxy credentials settings in the agent appsettings.json file
• Updated the Splunk Python SDK for the Splunk Plugin to ensure compliance with the latest Splunk Vetting Policy

Resolved issues

• Fixed issue with error occurring when sending vulnerabilities to APIHub if externalId is Null
• Fixed permission issue with unlinking API in APIHub
• Fixed the issue to enable compatibility with the latest version of GitHub Actions
• Scheduled scans now remove the URL path after ‘#’ when using the default Scan Profile
• Fixed sorting issues in the dashboard to use numerical order instead of alphabetical
• Updated OpenSSL from version 3.3.1 to 3.3.2

API changes

• The Validate Imported Links API endpoint no longer requires a Target URL when a file is uploaded