Skip to content

2020.05 Release Notes

In May 2020, the Managed Services team is releasing a new version of the Managed Services Platform. This is a maintenance release.

This release provides the following improvement:

Updates to XML and GET vulnerabilities in the v3 API: Reports can contain vulnerability data. This includes reports retrieved by using the API request, Get Vulnerabilities. When in XML format, the vulnerability data can contain HTML markup. In previous releases, HTML markup in a report was enclosed in HTML/XML-encoded angle brackets, and was otherwise unchanged; for example:

<xml>
    <description>
         ...
         &lt;script/&gt;        <!-- Where '&lt;script/&gt;' indicates the HTML markup. -->
         ...
    </description>
</xml>

As of the current release, 2020.05, reports in XML use character data (CDATA) notation to encapsulate HTML markup. The angle brackets are no longer encoded. For example:

<xml>
    <description>
        ...
        CDATA[<script/>]        <!-- Again '<script/>' indicates the HTML markup,
                                     but now the angle brackets are not encoded, and the markup is enclosed in
                                     the square brackets introduced by the keyword 'CDATA'. -->
        ...
    </description>
</xml>

Release Notes

New field name and value for proof-of-concept (POC) records: In the next release, 2020.06, the name of the <instance> field will be replaced by <pocInstanceId>.

For example, a record formatted as follows in current reports:

<pocs>
    <poc>
        <instance> ... </instance>
        <description> ... </description>
    </poc>
<pocs>

... will appear as follows in release 2020.06 and thereafter:

<pocs>
    <poc>
        <pocInstanceId> ... </pocInstanceId>
        <description> ... </description>
    </poc>
<pocs>

New method to retrieve a proof-of-contact (POC) image: In addition to the change of field name, as just described, release 2020.06 will introduce a new API method, GET POC, that will fetch a POC image, using the <pocInstanceId> value returned by calls to Get Vulnerabilities or Get Individual Vulnerability.

Instead of returning a URL as the POC <instance>, both the <poc> field and the GET POC method will identify the image by using a unique ID value.

Parent topic:2026.5.0 Release Notes