Bug Reports - Page 71 - Burp Suite User Forum

Burp Academy Lab Progress not updating

Hello, I've been completing labs successfully, but the labs are not showing as completed on the course page or the progress tracking dashboard. Thanks, Alfonzo

erorr in the laps

i try to solve many laps but after i solve it in the lap page it says solved and continue leerning but after i go out to it seems that it doesnt solved and no change happen on thr laap description page it is not solved

SQL injection Lab

I have just started the academy and I noticed that even though I solve the initial labs in the https://portswigger.net/web-security/sql-injection the sign is Not solved in the initial page and in the...

Lab error

Lab: SQL injection attack, querying the database type and version on MySQL and Microsoft solution not working Payload: '+UNION+SELECT+@@version,+NULL# Response: Internal Server Error

Burpsuite Enterprise: Dashboard icon scaling issue

Greetings; We have just finished our Burpsuite Enterprise trial license period and have a few bugs to report. Starting with an Icon scaling issue Burpsuite Enterprise Version: latest as of June 30th. Browser being...

Burpsuite Enterprise: Agent Licensing and Main licensing out of date sync

Run into an odd agent license vs main license expiry date sync issue whilst we were on the Burpsuite Enterprise Trial license. Burpsuite Enterprise Version: latest as of July 2 With 2 days remaining on the main...

Unable to run BurpSuite from window manager menu in Parrot OS.

Hi everyone, I have been trying to run Burp from the window manager menu in Parrot OS but there is no activity after clicking the icon. It was working a few hours ago and I've been facing this issue since. I tried running...

One of the Lab is not booting up

Since, 48 hours I'm not able to access a particular lab "Password reset poisoning via dangling markup" Error: Lab error Issue: Not Booting Date: 3 July 2021

Download link

Hi, when logged into my account, I am trying to download burpsuite pro and your download link buttons are not working. I click on them but nothing is triggering a download. They just say downloading but nothing is actually...

Burp scan timed out issue

In one application the scanner is not getting the response, while I get proper response in repeater, when the scanner request is taken from logger ++ and re-issued in repeater. The timeout under project options is set to 0...

Collaborator - False positiv

If the remote server do a HTTP request to RANDOMSTRING1.burpcollaborator.tld and the request contains RAMDOMSTING2.burpcollaborator.tld (for example in a POST value), the collaborator will report two HTTP requests as...

Is XPath injection a false positive?

In pen test report using the Burpsuite getting below report: 1. XPath injection 1.1. https://domain.com/api/v2/create_playlist_videos [URL path filename] 1.2. https://domain.com/api/v2/create_playlist_videos [URL path...

Installation not starting

I downloaded Burp Suite Community edition plain JAR file on my kali pi (Pi4 B, Kali 64 bit), I ran it through the terminal, the GUI for the installer started, but then in the terminal, it said, "Could not start Burp:...

Error in lab SQL injection attack

Hello! This lab seems to not work properly: Lab: SQL injection attack, querying the database type and version on MySQL and Microsoft

Burp Suite Enterprise cannot do authenticated scans

Hello Burp, I hope i find you in good health. I would like to present to you a few problems that we encountered while working with Burp Enterprise. In the Web application scan configuration, we use in most...

An error occurred when starting a project with the selected options

Burp receives an error upon loading a specific project project. Upon loading a project (even with 'disable extensions' and 'burp setting defaults') the project window will open while the loading window continues working in...

Burpsuite Enterprise account activation emails with wrong port numbers

Good day all; Ran into an interesting error. Setup Burpsuite Enterprise - Ver: 2021.4.1 (Build 6864) on a fully patched Ubuntu 20.04 LTS. The install comes up on the expected port of 8080 . But when I add new user...

Logger fails to log requests from Authentication Token Obtain and Replace extension

I've noticed that the new integrated Logger fails to log requests from the Authentication Token Obtain and Replace extension (https://portswigger.net/bappstore/51327b097b354243b307b4ed87ba39e). For the logger all options...

Reflected XSS lab not working (The requested item was not found. We apologize for the inconvenience.)

I was trying to access the reflected XSS lab with latest Google Chrome on this URL: https://portswigger.net/web-security/cross-site-scripting/reflected/lab-html-context-nothing-encoded when I clicked on 'Access the...

Open redirection (DOM-based)

I am trying to analyze and understand Open redirection (DOM-based) that has been reported by Burp. It mentions Sink and Source and says:- the application may be vulnerable to DOM-based open redirection. Data is read from...