Has there been any changes to the detection logic used for QID 150000 - Persistent Cross-Site Scripting (XSS) Vulnerabilities and QID 150001 - Reflected Cross-Site Scripting (XSS) Vulnerabilities? Recently received two findings for each QID on the same application that has received no code changes in the last month. The QID 150001 findings have a very inconsistent history and have not been active for two subsequent scans, although this is might be related to recent Auth record success and failure. The QID 150000 findings are new and have no previous history.
Jayson A. Coulter