Updating to VRT 1.7

We recently released VRT v1.7, with a platform integration planned for the week of March 25th. The release includes but is not limited to the below updates. For more information, see VRT 1.7.

  • Automative Security Misconfiguration category

  • Sensitive Data Exposure > Weak Password Reset Implementation > Token Leakage via Host Header Poisoning as a new P2 variant, which is consistent with how this issue has been triaged by Bugcrowd’s Application Security Engineers so far.

  • Two new P4’s related to 2FA Secret Management

  • Improved
  • Remediation Advice links to latest OWASP Documentation