Active checks which will be added to Browser-based DAST after 17.0 include: * [x] CWE-16: Trace HTTP method * [x] CWE-384: Session Fixation * [ ] CWE-79: Improper Neutralization of Input (XXS)