Missed RFI

Nicolas Krassas Oct 08, 2019 11:18AM UTC

Hi, testing again on zero.webappsecurity.com, Burp (2.1.04) is missing the remote file inclusion at /help.html

e.g.:

http://zero.webappsecurity.com/help.html?topic=https://www.google.com


Nicolas Krassas Oct 08, 2019 11:29AM UTC
Adding more information.

After forcing an audit on the specific URL, Burp was able to identify the out-of-band resource loading that was missed on the initial website crawl and audit scan.

Liam Tai-Hogan Oct 09, 2019 09:19AM UTC Support Center agent

Thanks for this report. We’ve replicated this behavior and created a ticket to investigate further. We’ll update this thread when we have something to share.

Please let us know if you need any further assistance.

