CVE-2022-35406

EUVD-2022-38296
A URL disclosure issue was discovered in Burp Suite before 2022.6. If a user views a crafted response in the Repeater or Intruder, it may be incorrectly interpreted as a redirect.
Open Redirect
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.3 MEDIUM
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 48%
Affected Products (NVD)
VendorProductVersion
portswiggerburp_suite
𝑥
< 2022.6
portswiggerburp_suite
𝑥
< 2022.6
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://portswigger.net/burp/releases/professional-community-2022-6?requestededition=professional
https://portswigger.net/burp/releases/professional-community-2022-6?requestededition=professional