The Burp Suite User Forum was discontinued on the 1st November 2024.

Burp Suite User Forum

For support requests, go to the Support Center. To discuss with other Burp users, head to our Discord page.

SUPPORT CENTER DISCORD

Burp suite scan reports vulnerability "Session token in URL"

Nagesh | Last updated: Sep 28, 2022 04:45AM UTC

Hi, Regarding above subject, CSRF token is being sent in the URL but I am not able to conclude this as valid defect. help me here to understand more on this issue. Reported issue misguides me as session token in the URL instead of CSRF token in the URL. Thanks

Liam, PortSwigger Agent | Last updated: Sep 28, 2022 10:33AM UTC