|Tested Against WAVSEP Version:|
|12.12% Detection Rate|
42.86% False Positives
|Response Type||Input Vector||Detection Rate||Details|
|Reflected XSS||HTTP GET (Query String Parameters)||8 out of 33||Cases Detected: 1-5,30(1st&2nd),32 Cases Missed: 6-29,31|
|Reflected XSS||HTTP POST (Body Parameters)||0 out of 33||Cases Missed: 1-32|
|False Positive RXSS Test Cases||HTTP GET (Query String Parameters)||3 out of 7||1,2,6|
|I used the spider feature of WebScarab to crawl the various application pages, accessed the XSS/CRLF tab, marked all the URLS (CTRL+A) and pressed the ?check? button, so the tool will try and confirm vulnerabilities.
Only URLs with GET parameters were suspected as being vulnerable (I verified that the behavior persists with one additional version of WebScarab - 20090427).