There is a bug in the Active Scan++ extension. When I right-click a request in the Repeater tab, or from another location, and try to run a scan on it, nothing happens.
After clicking “Launch all attacks,” I don’t see any activity in the Burp Suite Logger tab. If it were working, it would easily detect the vulnerability. This is a minimum-level XXE PortSwigger lab environment.
Not only with “Launch all attacks” — there is also no activity when I start XML Security.
If I start a scan with Burp Suite, it manages to run passively in the background. It only works with Burp Suite’s scan.
This is also with the Burp Suite scan started. As you can see, it only works with the Burp Suite scan.
By the way, whether I add the target to scope or not, none of the right-click “Launch attack” functions work.
Windows 11 Burpsuite v2026.4.3
C:\Windows\System32>java --version
java 21.0.10 2026-01-20 LTS
Java(TM) SE Runtime Environment (build 21.0.10+8-LTS-217)
Java HotSpot(TM) 64-Bit Server VM (build 21.0.10+8-LTS-217, mixed mode, sharing)
There is a bug in the Active Scan++ extension. When I right-click a request in the Repeater tab, or from another location, and try to run a scan on it, nothing happens.
After clicking “Launch all attacks,” I don’t see any activity in the Burp Suite Logger tab. If it were working, it would easily detect the vulnerability. This is a minimum-level XXE PortSwigger lab environment.
Not only with “Launch all attacks” — there is also no activity when I start XML Security.
If I start a scan with Burp Suite, it manages to run passively in the background. It only works with Burp Suite’s scan.
This is also with the Burp Suite scan started. As you can see, it only works with the Burp Suite scan.
By the way, whether I add the target to scope or not, none of the right-click “Launch attack” functions work.
Windows 11 Burpsuite v2026.4.3
C:\Windows\System32>java --version
java 21.0.10 2026-01-20 LTS
Java(TM) SE Runtime Environment (build 21.0.10+8-LTS-217)
Java HotSpot(TM) 64-Bit Server VM (build 21.0.10+8-LTS-217, mixed mode, sharing)