Previously, Burp has been able to report OS command injection using both blind and non-blind techniques:
- Injecting commands to trigger a time delay in the response.
- Injecting commands to echo a value in the response.
- A bug in the Collaborator Server that could cause threads to become deadlocked when processing incoming HTTP requests that time out. It is recommended that users with private Collaborator Server deployments update to the new version.
- Some issues affecting the new site map UI that was introduced in 1.6.19.
- A bug in the interactive prompting for platform authentication.