all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

The curl quirk that exposed Burp Suite & Google Chrome

Add to bookmarks
March 28, 2023, 1:13 p.m. |

PortSwigger Research portswigger.net

In this post, we'll explore a little-known feature in curl that led to a local-file disclosure vulnerability in both Burp Suite Pro, and Google Chrome. We patched Burp Suite a while back, but suspect

amp back burp burp suite chrome curl disclosure exposed file google google chrome led local pro vulnerability

Visit resource

More from portswigger.net / PortSwigger Research

Refining your HTTP perspective, with bambdas 3 days, 22 hours ago | portswigger.net
clue cors headers http +9
Introducing SignSaboteur: forge signed web tokens with ease 1 week, 3 days ago | portswigger.net
authentication authorization beyond depth +9
Making Desync attacks easy with TRACE 2 months, 1 week ago | portswigger.net
attacks can constraints easy +8
Using form hijacking to bypass CSP 2 months, 3 weeks ago | portswigger.net
bypass can configuration csp +6
Top 10 web hacking techniques of 2023 3 months, 1 week ago | portswigger.net
community hacking identify research +7
Hiding payloads in Java source code strings 4 months, 1 week ago | portswigger.net
abuse can code conceal +5
Top 10 web hacking techniques of 2023 - nominations open 4 months, 3 weeks ago | portswigger.net
blog blog posts community hacking +8
Finding that one weird endpoint, with Bambdas 5 months, 2 weeks ago | portswigger.net
act balancing act concepts endpoint +6
Blind CSS Exfiltration: exfiltrate unknown web pages 5 months, 3 weeks ago | portswigger.net
css discover exfiltration gif +3

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland
View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City
View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL
View on infosec-jobs.com

Sr. Product Manager

@ MixMode | Remote, US
View on infosec-jobs.com

Security Compliance Strategist

@ Grab | Petaling Jaya, Malaysia
View on infosec-jobs.com

Cloud Security Architect, Lead

@ Booz Allen Hamilton | USA, VA, McLean (1500 Tysons McLean Dr)
View on infosec-jobs.com