CVE-2022-35406

Опубликовано: 08 июл. 2022

Источник: nvd

CVSS3: 4.3

CVSS2: 4.3

EPSS Низкий

Описание

A URL disclosure issue was discovered in Burp Suite before 2022.6. If a user views a crafted response in the Repeater or Intruder, it may be incorrectly interpreted as a redirect.

Ссылки

https://portswigger.net/burp/releases/professional-community-2022-6?requestededition=professional
Patch
Release Notes
Vendor Advisory
https://portswigger.net/burp/releases/professional-community-2022-6?requestededition=professional
Patch
Release Notes
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:portswigger:burp_suite:*:*:*:*:community:*:*:*

Версия до 2022.6 (исключая)

cpe:2.3:a:portswigger:burp_suite:*:*:*:*:professional:*:*:*

Версия до 2022.6 (исключая)

EPSS

Процентиль: 47%

0.0024

Низкий

4.3 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-601

Связанные уязвимости

CVE-2022-35406

CVSS3: 4.3

debian

больше 3 лет назад

A URL disclosure issue was discovered in Burp Suite before 2022.6. If ...

GHSA-3x46-hg82-953f

CVSS3: 4.3

github

больше 3 лет назад

A URL disclosure issue was discovered in Burp Suite before 2022.6. If a user views a crafted response in the Repeater or Intruder, it may be incorrectly interpreted as a redirect.

EPSS

Процентиль: 47%

0.0024

Низкий

4.3 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-601