This release fixes the following security issues that were identified through our bug bounty program.

- If a user scans a malicious website and another website within the same Burp project, then the malicious website might be able to capture the raw data of any Burp Collaborator interactions that were performed by the other website.
- If a user scans a malicious website and another website within the same Burp project, and exports all of the scan results as a single HTML report, and views that report in a browser, then the malicious website can capture the scan results for the other site.
- If a user visits a malicious website in their browser, and in Burp selects a crafted request that was generated by that website, and uses either the "Request in browser" function or the "Generate CSRF Poc" and "Test in browser" function, then the malicious website can XSS an arbitrary website.

Note that all of these issues involve the Burp user actively testing a malicious website that has been designed specifically to attack Burp Suite.

As well as fixing known issues at source, we have taken a defense-in-depth approach to hardening Burp in response to them, including:

- Some functions within Burp's in-browser interface that increased its attack surface have been removed altogether, including the Proxy history, the buttons to repeat requests and view responses, and support for the plug-n-hack Firefox extension.

We are pleased that our bug bounty program has alerted us to these issues within Burp.