Bug Reports - Page 36 - Burp Suite User Forum

Burp Professional Target tab: scope issue

Host OS Windows 11, burp version is Burp Pro v2023 5.4 Build 21196 Issue: Targets tab Scope filtering by in-scope targets not working when 2 similar domain entries are used as "in scope" Details: In burp...

Domains ending with a dot throw ssl error.

The most recent versions of chrome and firefox will load this URL with the `.` at the end of the domain: https://portswigger.net. In burp browser this throws an ssl error: This site can’t provide a secure...

[BUG] Lab: DOM XSS in jQuery anchor href attribute sink using location.search source

The solution is hit the back button in "https://XXXXX.web-security-academy.net/feedback?returnPath=javascript:alert(document.cookie)" URL, exploring href unsanitized problem. Even so, the laboratory is not solved. I've...

Capturing uploaded packages on the mac book pro m1 is very clunky

Capturing uploaded packages on the mac book pro m1 is very clunky and even sometimes unresponsive, and the program must forcibly exit burp v2023.5.3

issues with 'add to site map' feature in Repeater tab

Hi, been having this issue for the longest time and even now in the current release of burp pro. so what happens is when im testing an api through burp but the api collection or documentation is off, i would need to many...

It seems like some release of the Jar files have the MacArm64 Chrome BurpBrowser and others don't

Using the Jar version on Mac there are inconsistencies with the embedded browser. Looking inside the Jar file on some versions there is an Arm64 browser and then some don't, even though I get an error that says unpacking the...

License activation is failing.

Hello, The assigned Burp license file to Onetrust organization is not working. Please look into and resolve the issue at the earliest. Regards, Sharan

Bug in lab "Web cache poisoning via an unkeyed query parameter"

Hi, it seems that there is a bug in the lab "Web cache poisoning via an unkeyed query parameter". The response to GET / never gets cached as the server always return X-Cache: miss. Cheers, Jesús

Lab: Web cache poisoning via an unkeyed query string is making unexpected request.

In the stated lab when the home page is taken into the repeater, and added with Pragma: x-get-cache-key header & value, the response contains X-Cache-Key: /$$origin=https://gt2p587.com, here the value in the origin is...

Facing issues accessing labs

ID.web-security-academy.net took tooo long to respond ERR_TIMED_OUT tried relaunching multiple times yesterday and today too but still showing the same.

Issue with lab

Hi, Is there any ongoing issue with below lab: https://portswigger.net/web-security/deserialization/exploiting/lab-deserialization-exploiting-java-deserialization-with-apache-commons Lab is not getting solved even...

Failed to create Burp: project: Duplicate key ... ERROR (Ambiguous hotkey definition is possible, for CTR+SHIFT+LEFT/RIGHT)

Dear Developers, I'm really pleased with the Burp Suite Pro, but today I defined some new Hotkeys and Burp allowed me to do this for Ctrl+Shift+Left and Ctrl+Shift+Right even when THESE KEYSTROKES WAS ALREADY DEFINED....

Burp crashes, asking for license key on relaunch

Hi there! I've encountered something pretty odd today twice. I'm running the 64-bit Windows version of Burp Suite Pro (1.7.27) and the application just crashes. Upon relaunching, I'm prompted to enter my license key. I'm...

getSelectionBounds() function return wrong indexes when message contains Chinese

I try to get selected content with function "getSelectionBounds()". but I found it return wrong indexes when message contains Chinese, and Chinese is in front of the selected. here is the code of test: source =...

Montoya API NoSuchMethodError

When loading an extension that uses the burp.api.montoya.ui.menu.MenuItem.basicMenuItem method, I receive the following exception: java.lang.NoSuchMethodError: 'burp.api.montoya.ui.menu.BasicMenuItem...

net.portswigger.devtools.client.impl.connection.local.Zo: Unpacking the BurpBrowser binaries failed because the chromium-linuxarm64-114.0.5735.90.zip archive was not found on the classpath

Hello I have an iMac M1 and work with Parallels and Kali Linux as VM. There I installed burpsuite with sudo apt install burpsuite, but I cannot open the Browser. I cannot insert the screenshot which I have made. What...