We recently released VRT v1.7, with a platform integration planned for the week of March 25th. The release includes but is not limited to the listed updates. For more information, see VRT 1.7 with New Automotive Security Misconfiguration .
Updating to VRT 1.7
Automative Security Misconfiguration category
Sensitive Data Exposure > Weak Password Reset Implementation > Token Leakage via Host Header Poisoning as a new P2 variant, which is consistent with how this issue has been triaged by Bugcrowd’s Application Security Engineers so far.
Two new P4’s related to 2FA Secret Management
Remediation Advice links to latest OWASP Documentation