Acunetix 360 On-Demand

New feature

• Added Post-Request script feature (Read more)
• Integrated AI Assist Bot into Acunetix 360 On-Demand
  

New security checks

• Added a new XSS Security check

Improvements

• Updated workflows to improve reliability and security while maintaining alignment with GitHub’s best practices
• Addressed multiple versions of GitHub Actions available in the marketplace
• Added new REST API endpoint (agents/listverifiers) to retrieve AV agents data
• Restricted the Vulnerability Note field to 1000 characters

Resolved issues

• Resolved an issue causing scans to get stuck during archiving
• Resolved discrepancy between API (listByWebsite) and UI (Recent Scans) results
• Fixed an issue with verifying the existence of links in the link pool
• Improved incremental scanning
• Implemented logic to create the UserDocumentsDirectoryPath when it doesn’t already exist
• Added support for defining headers and HTTP method during CSV import

Resolved issues

• Resolved an issue on Technologies Dashboard
• The ‘Tags’ filter in All Issues now works correctly when using the ‘Not Contains’ condition
• Resolved issue where no results appeared when filtering the target list on the Target Group page. This was linked to the ‘View Target List’ permission
• Resolved communication issues in the TestBasicAuthCredentials process and improved HTTP connection handling
• Resolved an issue where not all attributes were exported correctly from the Issues page

Improvement

• Improved API Discovery of API specifications spread across multiple files in Mulesoft Anypoint Exchange

Improvements

• Enhanced technology version identification from URI
• Improved reporting of multiple technology detections on the same file
• Scheduled group scans will be initiated in chunks when exceeding 500 websites
• Updated footer URL in Invicti Enterprise reports
• The SelfDisable command is no longer sent to the Agent when its state is updated to Disabled
• Upgraded 3rd party script libraries
• Added support for encrypting proxy credentials settings in the agent appsettings.json file
• Updated the Splunk Python SDK for the Splunk Plugin to ensure compliance with the latest Splunk Vetting Policy

Resolved issues

• Fixed issue with error occurring when sending vulnerabilities to APIHub if externalId is Null
• Fixed permission issue with unlinking API in APIHub
• Fixed the issue to enable compatibility with the latest version of GitHub Actions
• Scheduled scans now remove the URL path after ‘#’ when using the default Scan Profile
• Fixed sorting issues in the dashboard to use numerical order instead of alphabetical
• Updated OpenSSL from version 3.3.1 to 3.3.2

API changes

• The Validate Imported Links API endpoint no longer requires a Target URL when a file is uploaded

New features

• Added single-tab crawling for websites that do not allow multiple-tab browsing
• Upgraded the Shortcut integration API endpoint to v3

Improvements

• Added Customizations folder to the Agent Output folder
• Removed Feature flag and implementation for the ‘HashiCorp-Vault-TLS-certificate-authentication-support-enabled’ flag
• Improved the performance of searching by profileName on the Scan-Index page

Resolved issues

• Updated APIHub npm package to the latest version
• Resolved scan authentication issues for multiple pages
• Resolved issues related to screenshots and login processes
• Fixed Dashboard Widget Active Issue is empty when selecting a specific target
• Fixed the problem of reverting vulnerability in issue update endpoint to default
• Fixed removes preferred agent group in update-scheduled API endpoint
• Fixed an auto-update issue for Verifier Agent
• Added control for URLs that should not be included in the scope
• Upgraded the Shortcut (Clubhouse) integration
• Resolved an issue caused by the Chromium version update by updating Chromium dependencies for the Linux operating system. Refer to the updated scripts to install the required dependencies for Headless Chrome. (Read more)