itsMe Posted October 7, 2023 Share Posted October 7, 2023 This is the hidden content, please Sign In or Sign Up NEW FEATURES Added critical severity as a new vulnerability level NEW SECURITY CHECKS Added security check for appwrite SSRF (CVE-2023-27159) Added security check for Metabase RCE (CVE-2023-38646) Updated WAF detection Added security check for Ivanti EPMM Unauthenticated API Access (CVE-2023-35078) Added security check for MinIO Information Disclosure (CVE-2023-28432) Added security check for KeyCloak XSS (CVE-2021-20323) Added security check for Strapi Cognito provider Auth Bypass (CVE-2023-22893) Added security check for ServiceNow XSS (CVE-2022-38463) Added security check for SAP NetWeaver KW XSS (CVE-2021-42063) Added security check for XProber Information Disclosure Added security check for SAP NetWeaver DI SSRF (CVE-2021-33690) Added security check for open Consul API detection Updates to vulnerable WordPress plugins IMPROVEMENTS Upgraded to OpenSSL 3.1.2 (On-Premises only) Improved LSR restrictions Improved scanning so that repeated links with the same content are not detected Improved scanning of recursive relative links Crawling improvements by excluding repeated inexistent paths When an issue is pushed to the issue tracker, the vulnerability detail shows the issue’s URL for easier navigation Updated the Software Composition Analysis (SCA) database IAST – moved the .NET folder from ProgramData\Acunetix to ProgramData\Invicti folder. The Injector.exe (IAST .NET framework automatic installation tool) will force upgrade if an older version of IAST .NET Sensor is installed. FIXES Fixed a bug that was preventing starting a scan from Target Groups Fixed a bug that was preventing System Admins from adding targets to Target Groups This is the hidden content, please Sign In or Sign Up This is the hidden content, please Sign In or Sign Up Link to comment Share on other sites More sharing options...
Recommended Posts