Auto Resolve Support by Test Type
Auto Resolve automatically closes vulnerabilities that are no longer detected when re-scanned under the same scan configuration.
Not all test types are eligible for Auto Resolve.
- Some tests operate at entrypoint level and can be automatically re-validated.
- Other tests operate at application or host level and require manual review.
Below is the current support matrix.
Auto Resolve Support Matrix
| Test Type | Auto Resolve Support |
|---|---|
| XSS (Reflective) | Supported |
| SQL Injection | Supported |
| SQL Error Message | Supported |
| XPath Injection | Supported |
| NoSQL Injection | Supported |
| NoSQL Error Message | Supported |
| Path Disclosure | Supported |
| OS Injection | Supported |
| Blind Time-based OS Injection | Supported |
| Remote File Inclusion (RFI) | Supported |
| Local File Inclusion (LFI) | Supported |
| HTML Injection | Supported |
| CSS Injection | Supported |
| Iframe Injection | Supported |
| Insecure Output Handling | Supported |
| SSRF | Supported |
| Blind SSRF | Supported |
| XXE | Supported |
| Server-Side Template Injection (SSTI) | Supported |
| File Upload | Supported |
| High CSRF | Supported |
| Broken JWT Authentication | Supported |
| JWT Role Bypass | Supported |
| ID Enumeration | Supported |
| Business Constraint Bypass | Supported |
| Prototype Pollution | Supported |
| Server-Side JS Injection | Supported |
| Email Header Injection | Supported |
| LDAP Error Message | Supported |
| Session ID in URL | Supported |
| Secret API Keys | Supported |
| Connection String | Supported |
| Excessive Data Exposure | Supported |
| Prompt Injection | Supported |
| JavaScript Vulnerabilities | Supported |
| Insecure Cookie | Supported |
| Directory Listing | Supported |
| Brute Force Login | Supported |
| Open Database | Supported |
| GraphQL Introspection | Supported |
| Broken SAML | Supported |
| Blind Time-based NoSQL Injection | Supported |
| Date Manipulation (BL_DATES) | Supported |
| Unvalidated Redirection | Supported |
| Broken Access Control | Supported (requires identical authentication configuration) |
Not Supported for Auto Resolve
| Test Type |
|---|
| Amazon S3 Takeover |
| Open Cloud Storage |
| BOPLA |
| XSS (Stored) |
| Version Control System Disclosure |
| Default Login Location |
| HTTP Methods (Critical) |
| Header Security Issues |
| WordPress Vulnerabilities |
| Common Files |
| Insecure TLS Configurations |
| Insecure Cookie (Weak Session ID) |
| Misconfigured WebDAV |
| WebDAV Authentication |
| LRRL (Rate Limiting) |
| Nuclei CVE |
| Improper Assets Management |
Notes
- Auto Resolve works only when the scan configuration remains identical.
- Application-level and host-level tests are not supported for generic Auto Resolve.
- Time-based tests may occasionally require manual validation.