Viewing issue details

  • Last updated: May 17, 2022


Wherever an issue is shown in Burp Suite Enterprise Edition, you can click on it to open the issue details. If there is more than one URL listed for the given issue, you need to click on the specific URL where the issue that you want to investigate was found.

The issue details page contains the following tabs.


This tab shows the key information about the issue, such as its severity and the scanner's confidence that the issue is present. The host and URL path where the issue was found are also displayed.

You can expand the collapsible headings to see more detailed information about how the issue was found, a summary of the background for this type of issue, and some general remediation suggestions.

If you are certain that this issue is a false positive, you can mark it as such by clicking the "Mark as false positive" button.

If an issue was found by an extension, you will be informed of this here.

Requests and responses

For each issue, tabs are shown for the HTTP requests and responses where the issue was found. Depending on the issue, there might only be one request and one response, or there might be a series of several interconnected requests and responses that lead to the issue.

Key parts of each request and response, such as a payload injected by the scanner and the string or regex in the response that confirms this vulnerability, are highlighted in red to help you analyze the issue.

If your administrator has configured an integration with Jira, you can create a Jira ticket linked to this issue.

Dynamic analysis

For DOM-based vulnerabilities, the "Dynamic analysis" tab shows the results of Burp Scanner's dynamic analysis of JavaScript using an embedded headless browser. It loads HTTP responses into the browser, injects payloads into the DOM at locations that are potentially controllable by an attacker, and executes the JavaScript within the response. Burp Scanner also interacts with the page by creating mouse events to achieve as much code coverage as possible. It monitors dangerous sinks that could be used to perform an attack in order to identify any injected payloads that reach them.

The tab shows the values that were injected into a given source and the values that subsequently reached a sink. Stack traces at both the source and the sink are also included.

Wherever possible, the dynamic analysis also generates a proof of concept that you can use to reproduce the issue manually.
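The following is an added illustration of the source-to-sink technique described above, not Burp Scanner's code or part of the original documentation. It assumes a constructed stand-in DOM, two constructed sample pages, and hypothetical names (`makeDom`, `analyse`, `CANARY`) so that it runs in plain Node.js without a browser.

```javascript
// Simplified model of source-to-sink dynamic analysis. The DOM objects and
// sample pages are constructed stand-ins so this runs in plain Node.js.
const CANARY = 'canary7f3a'; // constructed, inert marker value

const frames = () => new Error().stack.split('\n').slice(2, 6).map(s => s.trim());

// Fake DOM: reading a source or writing a sink records a stack trace.
function makeDom(sourceName, hits) {
  const sink = name => value => {
    if (String(value).includes(CANARY)) {
      hits.push({ sink: name, value: String(value), sinkStack: frames() });
    }
  };
  const element = {};
  Object.defineProperty(element, 'innerHTML', { set: sink('element.innerHTML') });
  Object.defineProperty(element, 'textContent', { set() {} }); // not a dangerous sink
  const location = {};
  for (const name of ['hash', 'search']) {
    Object.defineProperty(location, name, {
      get() {
        const injected = sourceName === 'location.' + name;
        if (injected) hits.sourceStack = frames();
        return injected ? '#' + CANARY : '';
      },
    });
  }
  const document = { getElementById: () => element, write: sink('document.write') };
  return { location, document };
}

// Run the page script once per candidate source; report canaries that reach a sink.
function analyse(pageScript, sources = ['location.hash', 'location.search']) {
  const findings = [];
  for (const source of sources) {
    const hits = [];
    pageScript(makeDom(source, hits));
    for (const h of hits) findings.push({ source, sourceStack: hits.sourceStack, ...h });
  }
  return findings;
}

// Constructed sample pages: the same logic with an unsafe and a safe sink.
function vulnerablePage({ location, document }) {
  const name = decodeURIComponent(location.hash.slice(1));
  document.getElementById('greeting').innerHTML = 'Hello ' + name;
}
function safePage({ location, document }) {
  const name = decodeURIComponent(location.hash.slice(1));
  document.getElementById('greeting').textContent = 'Hello ' + name;
}
```

Calling `analyse(vulnerablePage)` returns one finding that pairs the `location.hash` source with the `element.innerHTML` sink and carries a stack trace for each, while `analyse(safePage)` returns none because `textContent` is not treated as a dangerous sink.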