diff --git a/CHANGELOG.md b/CHANGELOG.md
index f0c0d66d4a9aa79dcf60ddd793b29b57d16e9d5b..68a4fa8a78e28e8227650d03822186896009f7e7 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -2,6 +2,12 @@
 
 ## v3.0.71
 - Enable breach attack simulation attacks with feature flag `DAST_FF_ENABLE_BAS_ATTACKS` (!746)
+- Upgrade browserker to version `0.0.148` (!749)
+  - Add active check finding summary as `vulnerabilities[].location.param` so findings are not de-duplicated [browserker!1083](https://gitlab.com/gitlab-org/security-products/analyzers/browserker/-/merge_requests/1083)
+  - Release browserker FIPS compliant Docker image [browserker!1080](https://gitlab.com/gitlab-org/security-products/analyzers/browserker/-/merge_requests/1080) [browserker!1073](https://gitlab.com/gitlab-org/security-products/analyzers/browserker/-/merge_requests/1073)
+  - Update dast-chromium to `22.04-108.0.5359.94-1-20230321081952` [browserker!1080](https://gitlab.com/gitlab-org/security-products/analyzers/browserker/-/merge_requests/1080)
+  - Ensure active check findings are not deduplicated [browserker!1082](https://gitlab.com/gitlab-org/security-products/analyzers/browserker/-/merge_requests/1082)
+  - Attack IDs can be specified in `OnlyIncludeAttacks` [browserker!1088](https://gitlab.com/gitlab-org/security-products/analyzers/browserker/-/merge_requests/1088)
 
 ## v3.0.70
 - Upgrade browserker to version `0.0.147` (!744)
diff --git a/Dockerfile b/Dockerfile
index c048ce3f2349931de8e1f236e204b1b8f06e1374..e62a76ed644f7d93ea6f572a13579583ec52138f 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,4 +1,4 @@
-ARG BASE_IMAGE_VERSION=0.0.147
+ARG BASE_IMAGE_VERSION=0.0.148
 ARG BASE_IMAGE=registry.gitlab.com/security-products/dast/browserker:$BASE_IMAGE_VERSION
 
 FROM $BASE_IMAGE as compiled_dependencies
diff --git a/test/end-to-end/expect/test_browserker_active_check_22_1.json b/test/end-to-end/expect/test_browserker_active_check_22_1.json
index 90e44d0eccca9abf4c44d1a8106a761bce1c31a6..375908f8ff13b4b7aa3fd4021d1c6a56644daf20 100644
--- a/test/end-to-end/expect/test_browserker_active_check_22_1.json
+++ b/test/end-to-end/expect/test_browserker_active_check_22_1.json
@@ -134,7 +134,7 @@
       "location": {
         "hostname": "http://check-22-1",
         "method": "POST",
-        "param": "",
+        "param": "application/x-www-form-urlencoded form field file_name with injection /etc/passwd",
         "path": "/read-file"
       },
       "name": "Improper limitation of a pathname to a restricted directory (Path traversal)",
diff --git a/test/end-to-end/expect/test_mutual_tls_browser_based.json b/test/end-to-end/expect/test_mutual_tls_browser_based.json
index f2f5cbfed2f9756b8e9b85110f3470a896df328c..73025d7cf4dcb05fc7cf9570bd797fa2e957805d 100644
--- a/test/end-to-end/expect/test_mutual_tls_browser_based.json
+++ b/test/end-to-end/expect/test_mutual_tls_browser_based.json
@@ -87,7 +87,7 @@
       "location": {
         "hostname": "https://nginx",
         "method": "POST",
-        "param": "",
+        "param": "application/x-www-form-urlencoded form field file_name with injection /etc/passwd",
         "path": "/read-file"
       },
       "name": "Improper limitation of a pathname to a restricted directory (Path traversal)",
diff --git a/test/end-to-end/test-browserker-bypass-zap.sh b/test/end-to-end/test-browserker-bypass-zap.sh
index c41ffcaa5ed335f53ec916394a5646301ff8cec9..bef8b03cd8308c7d488a3435d34699afae09ac9e 100644
--- a/test/end-to-end/test-browserker-bypass-zap.sh
+++ b/test/end-to-end/test-browserker-bypass-zap.sh
@@ -27,6 +27,7 @@ test_browserker_scan_bypassing_zap() {
     --env DAST_BROWSER_LOG="loglevel:trace" \
     --env DAST_BROWSER_INCLUDE_ONLY_RULES="16.8" \
     --env DAST_FF_BYPASS_ZAP=true \
+    --env DAST_BROWSER_CRAWL_GRAPH="True" \
     "${BUILT_IMAGE}" \
     /analyze -t https://nginx >output/test_browserker_scan_bypassing_zap.log 2>&1
   assert_equals "0" "$?" "Expected to exit without errors"
diff --git a/test/end-to-end/test-browserker-check-22-1.sh b/test/end-to-end/test-browserker-check-22-1.sh
index 674b19738e670da702d8a938d0c75027bc498962..564648c6ee2e6942734ded06e73e6cdd8b1aab2c 100644
--- a/test/end-to-end/test-browserker-check-22-1.sh
+++ b/test/end-to-end/test-browserker-check-22-1.sh
@@ -32,6 +32,7 @@ test_browserker_active_check_22_1() {
     --env DAST_FF_ENABLE_BROWSER_BASED_ATTACKS="true" \
     --env DAST_BROWSER_LOG="brows:debug,chrom:trace" \
     --env DAST_BROWSER_DEVTOOLS_LOG="Default:suppress; Fetch:messageAndBody,truncate:2000; Network:messageAndBody,truncate:2000" \
+    --env DAST_BROWSER_CRAWL_GRAPH="True" \
     "${BUILT_IMAGE}" \
     /analyze -d -t http://check-22-1 >output/test_browserker_active_check_22_1.log 2>&1
   assert_equals "0" "$?" "Expected to exit without errors"