|Acunetix WVS Free Edition||8.0||20120509||Acunetix|
|Tested Against WAVSEP Version:|
|100.00% Detection Rate|
0.00% False Positives
|Response Type||Input Vector||Detection Rate||Details|
|Reflected XSS||HTTP GET (Query String Parameters)||33 out of 33||Detected: 1-30(1st&2nd),31,32 RXSS-Experimental-GET: 1,3|
|Reflected XSS||HTTP POST (Body Parameters)||33 out of 33||Detected: 1-30(1st&2nd),31,32 RXSS-Experimental-POST: 1,3|
|False Positive RXSS Test Cases||HTTP GET (Query String Parameters)||0 out of 7||None|
|The test was initiated in front of each individual directory using the default configuration, a disabled port scanner feature, and without any optimizations.|
|92.0% Detection Rate|
|Initialized WIVET's session, selected the default scan policy (you can only do an XSS scan anyway), limited the parallel connection threads to 1 single thread,
disabled the "ignore parameters on file extensions like js, css,etc", defined a valid session identifier and excluded the logout URL (100.php) by manually removing it from WIVET's menu.
I verified the results twice, and they came out the same.