CVE-2018-10377

CVE-2018-10377

EPSS 0.9%

PortSwigger Burp Suite before 1.7.34 has Improper Certificate Validation of the Collaborator server certificate, which might allow man-in-the-middle attackers to obtain interaction data.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://releases.portswigger.net/2018/06/1734.html https://hackerone.com/reports/337680 https://integritylabs.io/advisories/cve-2018-10377