Bug Reports - Page 90 - Burp Suite User Forum

Cannot login on a different computer

I have been trying to login on a separate computer, which is a build I use that has Burp Suite on it, but keep getting an error message. This is different to the 'login failed' message when using incorrect credentials, and...

Cross Site Scripting (DOM based)

Burp has created two different tentative DOM XSS issues with this description: "The application may be vulnerable to DOM-based cross-site scripting. Data is read from location and passed to $() via the following...

Burp Suite Pro Project File Corrupt

Hi team, Im having a project file when attempt to open it, it shows the following message: Failed to create Burp project: ArrayIndexOutOfBoundsException Current Burp version I'm using: Burp version 2021.3.1 Build...

Wrong URL path is used in Reflected XSS vulnerability description

Initially below URL is used as vulnerable application URL path. https://insecure-website.com/search?term=gift And to show how is it vulnerable , the URL path got changed as...

ASP ViewState does not show up

I have an issue with the ViewState Tab not showing up in the Request/Response view I can see the hidden form elements and on a POST request I can see the Parameters being sent, but the Tab is not showing up. Here is a...

Need help!

Heya! It says my CA Certificate isn't installed, even though I did on my phone. And I gave it permissions + Restarted my springboard.

Issues installing Burp in Mac OS Catalina 10.15.4

Hello, I am not able to install burp suite professional for a MAC with OS Catalina 10.15.4 I see the following message error when I tried to Install it: "Burp Suite Professional Installer" can't be opened because Apple...

Academy - Clickjacing attacks

Hello! When I tried to solve the "Clickjacking" academy labs, I got an error message when tried to see my exploit in the exploit server. The form of the sytle is missing, I got only a ""Resource not found - Academy...

JRE Appears to be version 11.0.11-ea

When i start lastest verion of Bupsuite i got this error! https://i.imgur.com/7j7AK3s.png JRE Appears to be version 11.0.11-ea from Debian Burp has not been fully tested on this platform and you may experience...

Burp Enterprise - Waiting for agent (stuck)

Hello I have a burp enterprise instance with 1 agent machine with 5 agents on the same host all. WHen I try to scan somsething I get the message "Waiting for agent" and I can't scan anything. In the agent page, I see: An...

Burp Extender API IContextMenuInvocation wrong Data

Hi There With the latest Version of Burp (2021.3.1) we have following issue: The IContextMenuInvocation Object passed to the createMenuItems Method of a IContextMenuFactory class holds the wrong request Object with...

External Service Interaction False Positive

While running active scan against a site while on a VPN, Burp reported an issue for External Service interaction. However, the service being interacted with is coming from my Public IP on the VPN and not from the site I am...

install macOS Catalina

Getting he following error when opening the installer on macOS Catalina “Burp Suite Professional Installer.app” can’t be opened because Apple cannot check it for malicious software. This software needs to be updated....

XSS redirect on click button "go to exploit server"

Hi, I'm a security information student, and I have studied through the PortSwigger academy. When exploring the lab "Lab: Reflected XSS into HTML context with all tags blocked except custom ones", a bug appens. After...

Crawl was configured to use a browser, but a browser could not be started. Falling back to non browser based navigation

I have installed Burp Suite Professional on a Kali Linux. I installed this yesterday on a VMWare workstation instance. Everything is the latest version. When I try to run a crawl/audit, the crawl starts with but throws...

presumable bug in lab - SQL injection attack, listing the database contents on Oracle

Hi, I'm doing the lab - mentioned in the subject, and I think I found a bug. If I list the tables from the databases I got a huge list, but I can't list the content of any of the tables. I used this url to get the...

Bug in "Reflected XSS into HTML context with all tags blocked except custom ones" Lab

Hello there, Good Day and I hope you're doing well! First of all thank you so much to PORTSWIGGER team for creating Web Academy. Its really great resource of learning and I am enjoying it. My name is Hardik Maru, and I...

Scope Bug

Hello, Issue: Burp Suite does not respect the defined scope specified in "Target Scope". The issue is if the specified in-scope URL appears in a GET parameter (or possible elsewhere on the same line) of a site that is...

In Kali Linux 2021 unable to connect to an UNsecured website

Hi There, I keep getting the following error both with Firefox and the Burp browser. It will not connect to the website zero.webappsecurity.com. This is a site setup to be used as a testing tool so various tools can...

Increase Scanner Speed

Hello, I noticed that the speed of requests does not appear to match the # of maximum concurrent requests specified in the resource pool. For example, I am noticing a max of 2 requests per second but have specified 30...