This release provides a security patch, as well as several minor bug fixes.
We have fixed a medium-severity security issue in the way Burp Suite processed HTTP/2 responses, which could have introduced XSS in certain circumstances.
We have upgraded Burp's browser to Chromium 96.0.4664.45
To prevent accidental loss of Burp project files, we have made the following adjustments:
- If you create a new project file without explicitly specifying a directory, the file will now be created in your user's home directory by default.
- On MacOS, if any project (.burp) files are detected within your Burp Suite installation directory, or any of its subdirectories, new updates will be prevented from running. In this case, you will be notified that you need to move your project files before you can update Burp Suite.