New role scopes: Scope project-issues:write allows to grant access to project issue management separately from access to project settings. Scope scan-labels:manage provides granular access to editing labels in scans that are already running or have been finished.
Improved SSTI test: The SSTI test improved by adding the new GO template payloads
Known Issues
Windows narrator repeats the title of items from dropdown lists 3 times. - Bug on Google Material side (to be fixed in the next updates): In a number of dropdown lists, the Windows narrator repeats list items 3 times instead of voicing them only once.
Authentication-Related Issues
Error when creating recorded browser-based authentication with Chrome record made starting from an empty tab: When creating a record in Chrome starting from an empty tab and then creating recorded browser-based authentication using the created record, the user gets the following error: The actual URL (chrome-error://chromewebdata/) doesn't match up to the specified validation URL (chrome://YOUR_PAGE), please make sure the URL is correct or record again with the correct configuration.
Recording created with Google Chrome recorder is not replayed with the Evaluation failed error. When replaying the recording, an error appears: Evaluation failed. TypeError: Failed to execute ‘observe’ on ‘IntersectionObserver’: parameter 1 is not type ‘Element’… For details, see Troubleshooting Authentication Issues.
Custom headers support - The Bright app now allows users to manually add a custom header to browser-based form authentication and -recorded one. The auth_object prefix has also been added to the app for all authentication commands. All existing user commands will be updated automatically.
Excessive data exposure - The new test added, which tests the application for not screening sensitive information on the server side, depending on the client side to filter the sensitive data out.
Allow signups with business emails only - Registration with company email only is now available.
Known Issues
Windows narrator repeats the title of items from dropdown lists 3 times. - Bug on Google Material side (to be fixed in the next updates): In a number of dropdown lists, the Windows narrator repeats list items 3 times instead of voicing them only once.
Authentication-Related Issues
Error when creating recorded browser-based authentication with Chrome record made starting from an empty tab: When creating a record in Chrome starting from an empty tab and then creating recorded browser-based authentication using the created record, the user gets the following error: The actual URL (chrome-error://chromewebdata/) doesn't match up to the specified validation URL (chrome://YOUR_PAGE), please make sure the URL is correct or record again with the correct configuration.
Recording created with Google Chrome recorder is not replayed with the Evaluation failed error. When replaying the recording, an error appears: Evaluation failed. TypeError: Failed to execute ‘observe’ on ‘IntersectionObserver’: parameter 1 is not type ‘Element’… For details, see Troubleshooting Authentication Issues.
Project-level file storage - Now uploaded files must be associated with a project so they can be shared between project team members.
GraphQL introspection test - Tests for externally exposed API documentation by querying /graphql endpoint. The target is the information about the schema and the data flow.
Known Issues
Windows narrator repeats the title of items from dropdown lists 3 times. - Bug on Google Material side (to be fixed in the next updates): In a number of dropdown lists, the Windows narrator repeats list items 3 times instead of voicing them only once.
Authentication-Related Issues
Error when creating recorded browser-based authentication with Chrome record made starting from an empty tab: When creating a record in Chrome starting from an empty tab and then creating recorded browser-based authentication using the created record, the user gets the following error: The actual URL (chrome-error://chromewebdata/) doesn't match up to the specified validation URL (chrome://YOUR_PAGE), please make sure the URL is correct or record again with the correct configuration.
Recording created with Google Chrome recorder is not replayed with the Evaluation failed error. When replaying the recording, an error appears: Evaluation failed. TypeError: Failed to execute ‘observe’ on ‘IntersectionObserver’: parameter 1 is not type ‘Element’… For details, see Troubleshooting Authentication Issues.
Recording created with Google Chrome recorder is not replayed because UID was changed. Some web applications specify a UID in the element name. Since web applications are frequently releasing new features, UID might change, which will cause the authentication object not working. For details, see Troubleshooting Authentication Issues.
New onboarding wizard - new onboarding wizard is an essential part of the Bright app, which provides clarity to the installation process, and will help users to better understand all the app functionalities.
Known Issues
Windows narrator repeats the title of items from dropdown lists 3 times. - Bug on Google Material side (to be fixed in the next updates): In a number of dropdown lists, the Windows narrator repeats list items 3 times instead of voicing them only once.
Authentication-Related Issues
Error when creating recorded browser-based authentication with Chrome record made starting from an empty tab: When creating a record in Chrome starting from an empty tab and then creating recorded browser-based authentication using the created record, the user gets the following error: The actual URL (chrome-error://chromewebdata/) doesn't match up to the specified validation URL (chrome://YOUR_PAGE), please make sure the URL is correct or record again with the correct configuration.
Recording created with Google Chrome recorder is not replayed with the Evaluation failed error. When replaying the recording, an error appears: Evaluation failed. TypeError: Failed to execute ‘observe’ on ‘IntersectionObserver’: parameter 1 is not type ‘Element’… For details, see Troubleshooting Authentication Issues.
Recording created with Google Chrome recorder is not replayed because UID was changed. Some web applications specify a UID in the element name. Since web applications are frequently releasing new features, UID might change, which will cause the authentication object not working. For details, see Troubleshooting Authentication Issues.
OTP (one-time password): Bright now provides the possibility to use a Time-Based One-Time Password (TOTP) and Hash-Based One-Time Password (HOTP). OTP is used during the creation of an authentication object for a target that uses a TOTP input field.
Editable labels for scans: it is now possible to filter scans by one or multiple labels, which simplifies the interactions with a large number of scans. Also, all the existing labels can be autocompleted in new scan settings, if needed.
Known Issues
Windows narrator repeats the title of items from dropdown lists 3 times. - Bug on Google Material side (to be fixed in the next updates): In a number of dropdown lists, the Windows narrator repeats list items 3 times instead of voicing them only once.
Authentication-Related Issues
Error when creating recorded browser-based authentication with Chrome record made starting from an empty tab: When creating a record in Chrome starting from an empty tab and then creating recorded browser-based authentication using the created record, the user gets the following error: The actual URL (chrome-error://chromewebdata/) doesn't match up to the specified validation URL (chrome://YOUR_PAGE), please make sure the URL is correct or record again with the correct configuration.
Recording created with Google Chrome recorder is not replayed with the Evaluation failed error. When replaying the recording, an error appears: Evaluation failed. TypeError: Failed to execute ‘observe’ on ‘IntersectionObserver’: parameter 1 is not type ‘Element’… For details, see Troubleshooting Authentication Issues.
Recording created with Google Chrome recorder is not replayed because UID was changed. Some web applications specify a UID in the element name. Since web applications are frequently releasing new features, UID might change, which will cause the authentication object not working. For details, see Troubleshooting Authentication Issues.
Editable labels for scans: Now all the scans can be marked by attaching fully editable labels, which are displayed in the scan details tab. It is available both in UI and API interfaces and helps users to attach any valuable information to the scan.
Prevent duplicate tickets: There are no more duplicating tickets while scanning using any type of available integrations. Also, as a part of this update, ticketing integration settings were moved from the Organization level to the Project level. As a result, adjusting the ticketing setting is now way faster and easier.
Known Issues
Windows narrator repeats the title of items from dropdown lists 3 times. - Bug on Google Material side (to be fixed in the next updates): In a number of dropdown lists, the Windows narrator repeats list items 3 times instead of voicing them only once.
Authentication-Related Issues
Error when creating recorded browser-based authentication with Chrome record made starting from an empty tab: When creating a record in Chrome starting from an empty tab and then creating recorded browser-based authentication using the created record, the user gets the following error: The actual URL (chrome-error://chromewebdata/) doesn't match up to the specified validation URL (chrome://YOUR_PAGE), please make sure the URL is correct or record again with the correct configuration.
Recording created with Google Chrome recorder is not replayed with the Evaluation failed error. When replaying the recording, an error appears: Evaluation failed. TypeError: Failed to execute ‘observe’ on ‘IntersectionObserver’: parameter 1 is not type ‘Element’… For details, see Troubleshooting Authentication Issues.
Recording created with Google Chrome recorder is not replayed because UID was changed. Some web applications specify a UID in the element name. Since web applications are frequently releasing new features, UID might change, which will cause the authentication object not working. For details, see Troubleshooting Authentication Issues.
Authentication trigger via browser’s location change patterns: Now the authentication object detects logout trigger via URL location change in the browser. The users just need to type exactly the same URL or its segments that they see in the search bar and do not need to think about whether it was an HTTP request or just manipulation of entries in the history.
Change severity of Project Issues: Bright now provides the possibility to manually change the severity of a particular project issue. Therefore, customers can use the app as a “source of truth” for their full collection of project scan findings.
Known Issues
Windows narrator repeats the title of items from dropdown lists 3 times. - Bug on Google Material side (to be fixed in the next updates): In a number of dropdown lists, the Windows narrator repeats list items 3 times instead of voicing them only once.
Authentication-Related Issues
Error when creating recorded browser-based authentication with Chrome record made starting from an empty tab: When creating a record in Chrome starting from an empty tab and then creating recorded browser-based authentication using the created record, the user gets the following error: The actual URL (chrome-error://chromewebdata/) doesn't match up to the specified validation URL (chrome://YOUR_PAGE), please make sure the URL is correct or record again with the correct configuration.
Recording created with Google Chrome recorder is not replayed with the Evaluation failed error. When replaying the recording, an error appears: Evaluation failed. TypeError: Failed to execute ‘observe’ on ‘IntersectionObserver’: parameter 1 is not type ‘Element’… For details, see Troubleshooting Authentication Issues.
Recording created with Google Chrome recorder is not replayed because UID was changed. Some web applications specify a UID in the element name. Since web applications are frequently releasing new features, UID might change, which will cause the authentication object not working. For details, see Troubleshooting Authentication Issues.
Authentication trigger via browser’s location change patterns: Now the authentication object detects logout trigger via URL location change in the browser. The users just need to type exactly the same URL or its segments that they see in the search bar and do not need to think about whether it was an HTTP request or just manipulation of entries in the history.
Mismatch of results when running a scan with crawler versus HAR fixed.: There is no more mismatch of issue severities when running a scan with crawler versus HAR.
Change severity of Project Issues: Bright now provides the possibility to manually change the severity of a particular project issue. Therefore, customers can use the app as a “source of truth” for their full collection of project scan findings.
Known Issues
Windows narrator repeats the title of items from dropdown lists 3 times. - Bug on Google Material side (to be fixed in the next updates): In a number of dropdown lists, the Windows narrator repeats list items 3 times instead of voicing them only once.
Authentication-Related Issues
Error when creating recorded browser-based authentication with Chrome record made starting from an empty tab: When creating a record in Chrome starting from an empty tab and then creating recorded browser-based authentication using the created record, the user gets the following error: The actual URL (chrome-error://chromewebdata/) doesn't match up to the specified validation URL (chrome://YOUR_PAGE), please make sure the URL is correct or record again with the correct configuration.
Recording created with Google Chrome recorder is not replayed with the Evaluation failed error. When replaying the recording, an error appears: Evaluation failed. TypeError: Failed to execute ‘observe’ on ‘IntersectionObserver’: parameter 1 is not type ‘Element’… For details, see Troubleshooting Authentication Issues.
Recording created with Google Chrome recorder is not replayed because UID was changed. Some web applications specify a UID in the element name. Since web applications are frequently releasing new features, UID might change, which will cause the authentication object not working. For details, see Troubleshooting Authentication Issues.
Authentication trigger via browser’s PAGE (DOM) change patterns: When the target application is opened with an unauthenticated browser, there may be some elements on the page, which are not visible when the browser is authenticated (for example, the login form). Now the user can pick the element’s selector using the browser’s Development Tools and create a trigger that starts the authentication process if an element is found using this selector. For details, see Creating Authentication.
Known Issues
Windows narrator repeats the title of items from dropdown lists 3 times. - Bug on Google Material side (to be fixed in the next updates): In a number of dropdown lists, the Windows narrator repeats list items 3 times instead of voicing them only once.
Authentication-Related Issues
Error when creating recorded browser-based authentication with Chrome record made starting from an empty tab: When creating a record in Chrome starting from an empty tab and then creating recorded browser-based authentication using the created record, the user gets the following error: The actual URL (chrome-error://chromewebdata/) doesn't match up to the specified validation URL (chrome://YOUR_PAGE), please make sure the URL is correct or record again with the correct configuration.
Recording created with Google Chrome recorder is not replayed with the Evaluation failed error. When replaying the recording, an error appears: Evaluation failed. TypeError: Failed to execute ‘observe’ on ‘IntersectionObserver’: parameter 1 is not type ‘Element’… For details, see Troubleshooting Authentication Issues.
Recording created with Google Chrome recorder is not replayed because UID was changed. Some web applications specify a UID in the element name. Since web applications are frequently releasing new features, UID might change, which will cause the authentication object not working. For details, see Troubleshooting Authentication Issues.
Copy scan configuration as REST API (curl) option: Bright now enables users to copy scan settings as REST API cURL command to run a scan. When there are several scans with different settings completed in Bright, the user can copy the scan configuration as REST API (curl) command to start a new scan. Therefore, it is possible to use the same scan settings to automate scan execution or to integrate into CI/CD.
Known Issues
Windows narrator repeats the title of items from dropdown lists 3 times. - Bug on Google Material side (to be fixed in the next updates): In a number of dropdown lists, the Windows narrator repeats list items 3 times instead of voicing them only once.
Authentication-Related Issues
Error when creating recorded browser-based authentication with Chrome record made starting from an empty tab: When creating a record in Chrome starting from an empty tab and then creating recorded browser-based authentication using the created record, the user gets the following error: The actual URL (chrome-error://chromewebdata/) doesn't match up to the specified validation URL (chrome://YOUR_PAGE), please make sure the URL is correct or record again with the correct configuration.
Recording created with Google Chrome recorder is not replayed with the Evaluation failed error. When replaying the recording, an error appears: Evaluation failed. TypeError: Failed to execute ‘observe’ on ‘IntersectionObserver’: parameter 1 is not type ‘Element’… For details, see Troubleshooting Authentication Issues.
Recording created with Google Chrome recorder is not replayed because UID was changed. Some web applications specify a UID in the element name. Since web applications are frequently releasing new features, UID might change, which will cause the authentication object not working. For details, see Troubleshooting Authentication Issues.
