# Issue Properties

Issue properties define how detected vulnerabilities are reported in Burp Suite. Each profile configures the issue name, severity, confidence, and detailed description.

## 📋 Issue Fields

### 📝 Issue Name (`IssueName`)

The title of the vulnerability as it appears in Burp Suite's issue list.

```json
{
  "IssueName": "Reflected Cross-Site Scripting (XSS)"
}
```

**💡 Best practices:**

* ✅ Use descriptive names that identify the vulnerability type
* 🐛 Include the CVE number for known vulnerabilities (e.g., `CVE-2021-44228 Log4j RCE`)
* 📝 Keep names concise but informative

### ⚠️ Issue Severity (`IssueSeverity`)

The severity level of the vulnerability:

| Value              | Description               | When to Use                                                   |
| ------------------ | ------------------------- | ------------------------------------------------------------- |
| 🔴 `High`          | Critical vulnerability    | RCE, SQLi, authentication bypass, data breach                 |
| 🟠 `Medium`        | Significant vulnerability | XSS, CSRF, open redirect, SSRF                                |
| 🟡 `Low`           | Minor vulnerability       | CORS misconfiguration, information disclosure                 |
| 🔵 `Information`   | Informational finding     | Technology detection, missing headers, interesting parameters |
| ⚪ `False positive` | Known false positive      | Mark findings that are not actual vulnerabilities             |

### 🎯 Issue Confidence (`IssueConfidence`)

The confidence level of the detection:

| Value          | Description            | When to Use                                                                   |
| -------------- | ---------------------- | ----------------------------------------------------------------------------- |
| ✅ `Certain`    | Verified vulnerability | Response clearly confirms the vulnerability (e.g., payload reflected exactly) |
| 🟢 `Firm`      | Likely vulnerability   | Strong indicators but not 100% confirmed                                      |
| 🟡 `Tentative` | Possible vulnerability | Weak indicators, requires manual verification                                 |

## 📄 Issue Detail (`IssueDetail`)

The detailed description of the finding. Supports HTML formatting and dynamic placeholders.

### 🔧 Placeholders

| Placeholder | Replaced With                       |
| ----------- | ----------------------------------- |
| `<payload>` | 💉 The actual payload that was sent |
| `<grep>`    | 🔍 The grep pattern that matched    |

### 📝 Example

```json
{
  "IssueDetail": "<br/>- PAYLOAD: <br/><payload>\n<br/><br/>\n- GREP: <br/><grep>"
}
```

At runtime, this renders as:

```
- PAYLOAD:
<script>alert(1)</script>

- GREP:
<script>alert(1)</script>
```

### 📚 Detailed Example with Background

```json
{
  "IssueDetail": "The application is vulnerable to reflected XSS. The following payload was injected and reflected in the response without proper encoding:\n\n<br/><br/>- PAYLOAD: <br/><payload>\n<br/><br/>\n- GREP: <br/><grep>\n\n<br/><br/>This allows an attacker to execute arbitrary JavaScript in the context of the victim's browser session."
}
```

## 📖 Issue Background (`IssueBackground`)

General background information about the vulnerability type. This appears in the "Issue background" section of Burp's issue details.

```json
{
  "IssueBackground": "Cross-Site Scripting (XSS) vulnerabilities allow attackers to inject malicious scripts into web pages viewed by other users. These scripts can steal session tokens, redirect users to malicious sites, or modify page content."
}
```

## 🔧 Remediation Detail (`RemediationDetail`)

Specific remediation guidance for the detected vulnerability.

```json
{
  "RemediationDetail": "Implement proper output encoding for all user-supplied input. Use context-appropriate encoding (HTML entity encoding for HTML contexts, JavaScript encoding for JS contexts). Consider implementing a Content Security Policy (CSP) as a defense-in-depth measure."
}
```

## 📖 Remediation Background (`RemediationBackground`)

General remediation background information about the vulnerability class.

```json
{
  "RemediationBackground": "Input validation and output encoding are the primary defenses against injection vulnerabilities. Always validate input on the server side and encode output based on the context where it will be rendered."
}
```

## 📚 Complete Example

```json
{
  "IssueName": "SQL Injection",
  "IssueSeverity": "High",
  "IssueConfidence": "Firm",
  "IssueDetail": "A potential SQL injection vulnerability was detected. The following payload caused an anomalous response:\n\n<br/><br/>- PAYLOAD: <br/><payload>\n<br/><br/>\n- GREP: <br/><grep>",
  "IssueBackground": "SQL injection vulnerabilities arise when user-controllable data is incorporated into database queries without proper sanitization. An attacker can manipulate the SQL query to access, modify, or delete data in the database.",
  "RemediationDetail": "Use parameterized queries (prepared statements) for all database operations. Never concatenate user input directly into SQL queries.",
  "RemediationBackground": "The most effective defense against SQL injection is to use parameterized queries, which separate SQL logic from data values."
}
```
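A profile's issue fields can be checked before it is loaded. The following is an added example, not Burp Bounty Pro code: it lints the fields against the severity and confidence tables above and builds a plain-text preview of `IssueDetail`. The function names, the exact-spelling rule, and the preview logic are assumptions made for illustration.

```python
import json
import re

# Allowed values copied from the severity and confidence tables on this page.
SEVERITIES = {"High", "Medium", "Low", "Information", "False positive"}
CONFIDENCES = {"Certain", "Firm", "Tentative"}
PLACEHOLDERS = ("<payload>", "<grep>")


def lint_issue_properties(profile):
    """Return a list of problems found in a profile's issue fields."""
    problems = []
    if not str(profile.get("IssueName", "")).strip():
        problems.append("IssueName is missing or empty")
    # Assumption: values must be spelled exactly as in the tables.
    for key, allowed in (("IssueSeverity", SEVERITIES),
                         ("IssueConfidence", CONFIDENCES)):
        if profile.get(key) not in allowed:
            problems.append(f"{key}={profile.get(key)!r} not in {sorted(allowed)}")
    detail = profile.get("IssueDetail", "")
    for placeholder in PLACEHOLDERS:
        if placeholder not in detail:
            problems.append(f"IssueDetail never uses {placeholder}")
    return problems


def preview_detail(template, payload, grep):
    """Plain-text approximation of the rendered IssueDetail."""
    values = {"payload": payload, "grep": grep}
    # Split on <br/> before substituting, and substitute in a single pass,
    # so markup inside the payload or grep value is shown literally.
    segments = template.replace("\n", " ").split("<br/>")
    lines = [re.sub(r"<(payload|grep)>", lambda m: values[m.group(1)], s.strip())
             for s in segments]
    return "\n".join(lines).strip()


# Constructed sample: a profile fragment with three typical mistakes.
BROKEN = json.loads("""{
  "IssueName": "Open Redirect",
  "IssueSeverity": "Critical",
  "IssueConfidence": "firm",
  "IssueDetail": "Redirect followed.<br/>- PAYLOAD: <br/><payload>"
}""")

if __name__ == "__main__":
    for problem in lint_issue_properties(BROKEN):
        print("WARN", problem)
    print(preview_detail(BROKEN["IssueDetail"], "//example.test", ""))
```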

## 🖥️ How Issues Appear in Burp Suite

When a match is found, Burp Bounty Pro creates an issue that appears in:

1. 📊 **Burp Bounty Pro Dashboard** — The Issues table in the Dashboard tab
2. 📋 **Burp Suite Dashboard** — The global Issue activity panel
3. 🗺️ **Target Site Map** — As annotations on affected URLs

Each issue includes:

* ⚠️ The configured severity and confidence
* 📡 The full request/response pair
* 🔴 Highlighted payload and grep matches (markers shown in red)
* 📄 The issue detail with placeholder values replaced
