Unlock enhanced API scanning with Burp Suite Enterprise Edition  –  Learn more

Professional / Community 2024.6.5

07 August 2024 at 21:00 UTC

SHA256: {SHA FROM OPTION GOES HERE} MD5: {MD5 FROM OPTION GOES HERE}

This release updates the default Intruder payload list to include email splitting attacks. For more information on email parsing discrepancies, including how they can be exploited, see the Splitting the Email Atom: Exploiting Parsers to Bypass Access Controls white paper by Gareth Heyes from our PortSwigger Research team.