Unlock enhanced API scanning with Burp Suite Enterprise Edition  –  Learn more

Professional / Community 1.7.06

08 September 2016 at 15:46 UTC

SHA256: {SHA FROM OPTION GOES HERE} MD5: {MD5 FROM OPTION GOES HERE}

This release introduces a new scan check for second-order SQL injection vulnerabilities. In situations where Burp observes stored user input being returned in a response, Burp Scanner now performs its usual logic for detecting SQL injection, with payloads supplied at the input submission point, and evidence for a vulnerability detected at the input retrieval point.

The release also fixes a number of minor bugs.