Burp Suite User Forum


Problem on reproducing the issue BurpSuite Reported

Genius | Last updated: Jan 24, 2019 09:29PM UTC

I am working on a project in which Burp Suite's scanners report that there is a reflected XSS vuln. The payload is:

zhenw'-alert(1)-'xcwq

The payload is working without any problem till I use "Show response in browser" in Burp Suite, while when I use "Copy URL" or manually copy that URL, which is a GET-based URL, it is not working anymore. I spent about 3 hours working on this to fix the problem, but unfortunately it's not going to work at all without Burp Proxy, and it seems there is a limitation within browsers to load this. I used curl as well without any success (notably, I was unable to pipe the curl output to Firefox or any other browser). I also URL-decoded the raw URL, but unfortunately it makes no difference, and I am not able to do anything with this so-called reflected XSS. I searched Google and PortSwigger's support portal and saw some similar issues, but I really need your help to solve this problem. Thank you so much!

PortSwigger Agent | Last updated: Jan 25, 2019 08:15AM UTC

To help diagnose this, can you please email screenshots of the advisory, request and response to support@portswigger.net and we'll investigate. It may be an issue that is only exploitable in particular browsers. Also, we recommend disabling the browser XSS filter while you are testing.

Burp User | Last updated: Jan 27, 2019 05:07PM UTC

Hello there. I just sent you an email, and have got no response till now.
