This was a bug in Repeater/Intruder whereby a meta redirect would be followed when a user clicked the follow redirection button, regardless of the content type or content disposition headers used on the target web site. This could disclose the Referer header. It was considered a low severity issue because the attack scenario involved multiple unlikely steps that required user interaction. We have rectified this behaviour since the report, and Burp no longer follows meta redirects when a content type or content disposition header would prevent redirection. We'd like to thank @mr_vrush for their cooperation and collaboration in this report.
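The header check described above, as an added sketch that is not Burp's code: it contrasts following a meta redirect unconditionally with following it only when the response would render as HTML. The function names, the set of HTML media types, and treating a missing Content-Type as non-HTML are assumptions, and the sample body is constructed.

```python
import re
from email.message import Message
from html.parser import HTMLParser

# Assumption: only these media types are rendered as HTML by a browser.
HTML_TYPES = {"text/html", "application/xhtml+xml"}
# Constructed sample response body (not taken from the report).
SAMPLE_BODY = '<meta http-equiv="refresh" content="0; url=https://redirect.example/next">'

class _MetaRefresh(HTMLParser):
    """Collects the URL from the first <meta http-equiv="refresh"> tag."""
    def __init__(self):
        super().__init__()
        self.target = None

    def handle_starttag(self, tag, attrs):
        a = {k: (v or "") for k, v in attrs}
        if tag != "meta" or self.target or a.get("http-equiv", "").lower() != "refresh":
            return
        m = re.search(r"url\s*=\s*['\"]?([^'\";\s]+)", a.get("content", ""), re.I)
        if m:
            self.target = m.group(1)

def meta_refresh_target(body):
    parser = _MetaRefresh()
    parser.feed(body)
    return parser.target

def naive_target(headers, body):
    """Pre-fix behaviour as described: response headers are ignored."""
    return meta_refresh_target(body)

def hardened_target(headers, body):
    """Honour the meta redirect only if the headers allow HTML rendering."""
    msg = Message()
    for name, value in headers:
        msg[name] = value
    if msg.get_content_disposition() == "attachment":
        return None  # response would be downloaded, not rendered
    if msg.get_content_type() not in HTML_TYPES:
        return None  # a missing Content-Type defaults to text/plain here
    return meta_refresh_target(body)
```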