The Burp Suite User Forum was discontinued on the 1st November 2024.

Burp Suite User Forum

For support requests, go to the Support Center. To discuss with other Burp users, head to our Discord page.

SUPPORT CENTER DISCORD

CSRF vulnerability with no defenses -> not solved but exploit works

Massimo | Last updated: Mar 09, 2023 02:57PM UTC

Hi, i'm trying to solve the lab, also the lab "CSRF where token validation depends on request method" in both labs the exploit works for me and i can change the mail. But the page with only the submit button does not occur if i press "view the exploit". i will be forwarded to the page with the changed email address. In the end, i send it to the victim, but the labs are still "not solved" can anyone please help me? I also tried online csrf poc generator but it is still not solved. Thank you very much Massimo :)

Ben, PortSwigger Agent | Last updated: Mar 10, 2023 09:17AM UTC