the scanner engine should include checking the response
HTTP from found vulnerabilities against a set of
example code. This will improve the tool's reporting
of false positives.
It will eliminate situations that a server responds
with a 200/OK when in fact it was only server-side
redirected due to a missing page that was asked for.
Currently to eliminate this false positive, manual
checking of the page must be done.