We recently released VRT v1.7, with a platform integration planned for the week of March 25th. The release includes, but is not limited to, the updates below. For more information, see VRT 1.7.
Updating to VRT 1.7
Automotive Security Misconfiguration category
Sensitive Data Exposure > Weak Password Reset Implementation > Token Leakage via Host Header Poisoning as a new P2 variant, which is consistent with how this issue has been triaged by Bugcrowd’s Application Security Engineers so far.
Two new P4s related to 2FA Secret Management
Remediation Advice links to latest OWASP Documentation