Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openbugbounty1orzeroOBB:1110764
HistoryMar 05, 2020 - 7:48 a.m.

varlamov.consulting Cross Site Scripting vulnerability

2020-03-0507:48:00
1orzero
www.openbugbounty.org
7
JSON

Open Bug Bounty ID: OBB-1110764

Security Researcher 1orzero Helped patch 102 vulnerabilities
Received 3 Coordinated Disclosure badges , a holder of 3 badges for responsible and coordinated disclosure, found a security vulnerability affectingvarlamov.consulting website and its users.

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:

&nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence;
&nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence.

Affected Website: varlamov.consulting
Open Bug Bounty Program: Create your bounty program now. It’s open and free.
Vulnerable Application: Custom Code
Vulnerability Type: XSS (Cross Site Scripting) / CWE-79
CVSSv3 Score: 6.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N]
Disclosure Standard: Coordinated Disclosure based on ISO 29147 guidelines
Discovered and Reported by: **1orzero Helped patch 102 vulnerabilities
Received 3 Coordinated Disclosure badges **
Remediation Guide: OWASP XSS Prevention Cheat Sheet
Export Vulnerability Data: Bugzilla Vulnerability Data
JIRA Vulnerability Data [ Configuration ]
Mantis Vulnerability Data
Splunk Vulnerability Data
XML Vulnerability Data [ XSD ]

Vulnerable URL:

![](data:image/png;base64, iVBORw0KGgoAAAANSUhEUgAAAiEAAAA3CAIAAABVZQ1/AAAACXBIWXMAAA7EAAAOxAGVKw4bAAAUAklEQVR4nO2df0xTVxvHu1qxllKhlsqvucIcGMeQOcaQMUPUONMRUjdUxphiNMgYI4yo6whxjG1IEJ0jCzFEEzTEGWMIIYQw0xDTIFFUUmvDaoOkdLUwBISuYsXqff842cl9769egQLC8/mr99xzzv2e55zep/e59z59jSAIAQAAAAD4AOFcCwAAAAAWLOBjAAAAAF8BPgYAAADwFeBjAAAAAF8BPgYAAADwFeBjAAAAAF8xL3xMZGTknTt32DaBRcg8XAPzUBIwT7hz585XX3011yrmKXPvY+7evfvixYv169czbgKLkHm4BuahJGD+kJOTo1Kp5lrFPMWLj+nv7w8ICGDcNT4+fuzYMbZN/jQ3N6enp7NtznM47LOAoYyaPPUzYpDZXwNeZZMlPXr0aN++fcHBweHh4d99992zZ89m/HAz1WF/f39QUBC5Ai6ZTfiMd8onkKnx7bffLl++/OTJk9OfiJGREaPRWFRUNCPCFiAEJ1arVSqV8tnFUZObxMTEK1eusG3Oc6Y86lca7ql3u93T7H/214DXeSRLSk9Pz8rKstvtZrM5JSVFq9VO4YjTtxKfDq1Wa2BgIEEaIC6ZZbyOdza/SsPDw0Kh0GAweDye6U/E4jwJ8GeOY2UDAwMWiyU1NZVxE3gVWbZs2XSaz8M1QJb05MmT7u7uurq68PDwmJiYkydPXr58eQp9TtNKL9uhSCSKjo4mf5hlZny808HlckkkkvXr1y9ZsmReCVuQ8PIxv/32W2Rk5MqVK7/88svx8XGBQDA+Pq5SqVwu12uvvXbu3DnyJrr8PH78+KpVq4KCgvbu3fvkyRO2npubm7dt27Z06VLK5o4dO44fP44K79y5s2zZMnRcgUBw8ODBt956i2Pv4cOHuZsfPnwYC9i9e/cvv/yCNzdu3Hju3DmBQHDz5s2NGzcuX748ODh4586dDx48EPx3yX/s2LHg4ODQ0NCzZ89ShsPR6sSJE5GRkf7+/rt37x4ZGTl8+HBwcPDKlSv37dv3+PFj1Pzx48cHDx4MDg5+/fXXf/zxx+fPn7PJI/P8+fPvv/9+1apV/v7+O3fuHBkZYeyKoiQoKOiLL77AZrl58+ZHH30UEBAQHh7+2Wef/fXXXwJaiIMxzEJZCeQmHIcbGBj45JNPAgICIiMjT5w4Qe6WvCQYVT19+nT//v0BAQFvvPHGDz/8gIb2UlPGaDEB0zqnS1q+fPnff//t7++PdvX29oaFhQkEggcPHnz88cf+/v5vvvnmr7/+yh2PIluJLpvDbmymI3eIlAQEBMTExFy4cAEVhoeH3759G324ceMGKvzzzz85RFIqMM4FoyXpNidH6hhPDpRVxKaNbeLoq53DhiMjI5STFXlS6LL5fHMBDrz7GJfLZTAYOjs7u7q6HA6HVqsVCAQrVqwwm81SqdTtdmdnZ5M3d+zY4XK5urq6bt26devWre7u7qqqKrbO2W7GpKWl6XQ6VNjS0vLixYu2tja0qdPpNBoNx161Ws3dXK1W4yPu2rWrqakJfR4YGDAYDBqNRiAQdHd35+bmDg4OmkymiIiIgoICbA2z2Wwymerr61NSUijD4WhlMBg6OjoMBoPD4Vi7du3w8LDRaLx+/brVai0pKUHVCgsLHQ5Hd3d3W1tbc3NzbW0tmzwyVVVVOp1Op9NZLJawsLCenh7GrrASo9GIZtNms+FDp6Wl5eTk2Gy2jo6OlJQUsVjMNmUUKCuBspftcAUFBX5+fr29vTqd7vz58+Qm5CXBqKq8vHxiYsJoNLa1ten1+tOnT3s1PmXKGC3GuM7pksjcu3fv0KFD1dXVaEQymcxsNl+5cqW+vh7XCaZB6YRRNpvduE2HK8hksp6entbWVuxjGMnJydmyZQvyPRRu3ry5ZcuWnJwcXMI4F4yWZLQ5hvHkQF9FjNrYDse42tlsuHLlSvLJiqKNIpvnNxfggjuUZrVaBQKB0+lEm52dnVFRUXgXY1AeNbHZbKi8sbExISEBfbbZbCqVCjdxuVxSqXR0dJS+6XA4JBIJCpUmJiYWFxdnZWWhzmUymc1m49g7OTnJ3XxychJrmJiYQB0SBFFbW5uenk43Qm9vb0hICB4aFkw3AkersbExVN7R0SEUCicmJrBJ16xZQxCEx+ORSqV9fX2ovLm5OSkpiY88pVLZ3d1NLmHsiqDNZkdHB5rN0dFRkUhED0zTp5gS3KdXo3xmPJzH4xGLxVheY2MjvkNAXgNsqhQKhcvlQp8NBkNiYiLdJhxTxmgxjnVOWaUYu90eFRV18eJFPCLymscjstOgG5Aim81uHKbDHXIooeNyuSoqKuRy+a5duywWCyq0WCy7du2Sy+UVFRXYzmxzQbckwfk14Tg5UGzCqI3xcIyrncOGFD2U5UqRzeebC/djuHm5e/7kG4YcPkYsFuPynp4epVKJPns8HofDgXc1NjZu3ryZbTM+Pr69vX1wcDAiImJsbEypVHo8njNnznz66ade9/KpgMnMzKypqSEIYuvWrQ0NDaiwu7t769atYWFhCoVCLpcznlvpJXxaUW664k2Hw+Hn54fLLRYLOksyysOMjY2JRCKPx0MuZOuKQ0lmZmZ8fHxxcXF1dfXVq1cZRzcFH8PYnCKvp6cHy6CsAbqq0dFRgUCg+A+5XI5XF88pY7QYh2UokjBJSUloXtCIKGue+746+XB02Rxi2EyHm7ysEoIgRkdHNRqNSCRCmyKRSKPR4BMrhj4XjJYkOL8mHCcHxjM1WRvb4RhXu9cvHaOP4f52s31zwcdwM6v3/JcsWRIaGoo3uZ9aVqvVOp2upaUlLS1txYoV8fHxer0eR7q49/KpgEHxqEePHnV1dWEBGo1m06ZNer3eYDC0trbyHODUWnHDKI/CkiVLpnmUP/7448yZM3FxcZOTk8XFxd988800O5walDVAV+V2u4VC4a1btwwGg8FgMBqNBoMBVX4p4/O3GGOgbGBgwGg08rGS11iZL9YMf+7fv19QUKDX68vLy1FJeXm5Xq/Pz8+/f/8+uSbbCpn+2uOvzaeHA3wFtwua2nWMgHQ53NTUhC+HyXg8HoVCga9wKZsEQXR2diYmJqanp7e2thIEUVtbW1hYGBISgq6EuPfyqYBxu91yufzUqVP4EmdoaAj/rCMIwmAw8LmO4dmK7dcQW4CLLo+CUqk0GAwU27LFyjiUkJVHREQQBOF0OoVCITngMCPXMSieY7VaUTmO59DXAKMqqVRKD5jwnzJGi3FIZZTk8XjIhZQIVVNTE89YGaNsjmliMx1brIyshE5eXp5UKi0uLh4eHiaXDw8PFxUVSaXSvLw8xoZ4LuiWJDi/JhwnB0orRm2Mh2OLlcF1zDxh6j7G5XKJRCIcKsWbaBllZGTY7XaTyRQfH19WVoZ7wCFdvV4fGxuLyymbCKVSqVQqURO73S6TyeLj43nu9VqBHFzOysqSyWSXLl0it62trR0bG7NYLBqNhm0xOZ1OkUhkNpvRJTyfVmwrlSCIAwcOpKen22w2k8m0YcMGHIqhyyOLr6ioSExMNBqNdrsd/e5j64pNSU9Pz/bt29vb24eHh20224EDB9LS0lCdxMTEAwcODA4OWiyWlJQUVJ8yavJK4ONjCILIyMjQaDRWq9VkMsXFxaFyyhpgU5WXl5eUlGQymRwOR1VVVXl5+UtNGaPF2KQyLkv6FBAEodFoyGuef6yMLpt7wTCajtyEv5Ls7GzsrhhFZmdno89sc8G49rz6GMaTA+V8wqiN8XAE02qfTR9js9nIAUCAwtR9DEEQZWVlEomkvr6evHnixAmpVFpZWalUKgMDA/fs2YPvkpF7O3ToUElJCe6KsonIysrKyMjAmwkJCeQ63Hu5K1DG1dTUJJVKsU6CIPR6fUJCglgsDgkJKS4u5jhhabVabAQ+rTh8jMvlys3NVSgUERERZWVlOPRMkUfp0OPxHDlyRKFQiMVijUaDfvcxdsWmZHJysqysLDo62s/PT6lUZmdnDw4Oojq9vb2bN2+WSqXr1q2rqanBUsmjJkgrgaePGRwcTEtLk0qlKpWqsrISlVPWAJsqt9tdVFQUEREhkUjUajX+Act/yugWY5PKuCzpk0gQhN1u37Ztm0QiiYqKqq6u5u9j6LK5Fwyj6chNkBKpVBodHe1VCU/Y5oJx7XH7GLaTA0E7n9BhPBzBtNpn08e43W6xWIy9I0DBi4+ZAjyvHKOjo69fv862CSwezGYzuvE7D9fA1CSxBSHJFWYkuoJN96qwUMNKhYWFjA+GAARBiObqPtC9e/c4NoHFg8FgiIqKEszLNTAPJZHBpgPmlurqavzsCUDhJZ4rW0i5zSMjI2/fvv3555//888//JssmOHPOT/99NPZs2cfPnx448aNkpKSvLy8uVY0ezx79qyzszMiImJqzRez6eYtS5cuff/99+daxTyFr49ZSLnN0Vjee+89Pz+/Q4cO8W+yMIY/H0hNTa2trY2IiMjOzi4sLNy7d+9cK5o9cnNzCwoKKioqptZ8MZsOeCXhGVP7+eefCwoKiP+eDKFw6tSptrY2mUxGftAwOTkZ3S8lNxEKhSqVqry8HN/QrqmpiYqK8vPzi4+PR88ZI5xOZ2Fh4erVq8VicXR0dGVlJW7CpoGySyQSxcbGojexGcfS3d2NXk7kP/zpwCcYPTY2VlFRwae3q1evxsfHSySSpKQko9E4HVV0Y85Jal4AABYefH0Mzm2OTpTu/wed/dVqdWFhIarf2NgYFhaGclGQm0xMTKD8H+iR05qaGpVKpdPphoaGLly4IJfL8fOI6BlNs9k8NDSk0+lSU1O7urrQLg4N5F1DQ0MXL15UKBQtLS0cY3mp4U+TGcxwHhIS0tTUNDo6WlZWxvgGEk/oxjSbzeBjAACYEXj5GIfDERgYiNJ8cZwEzWazRCLp6+vzeDzR0dH4GUR6k46OjnXr1hEEERYW1t7ejstPnTqFnrufmJgQiUT0hBZsHXLsOn36tFqtftmxkCE38TX8fYxCoUAv9LW0tMTFxc3gEb0+FgUAAMATXvdjKBn42YiJicnNzdVqtXV1dTKZjCNSLBaLPR7P+Pi4w+Egp2XdtGkTyqX64sULFOziI4+bxMREk8mEN3mOhZxa3Gu2+VnOcI7Iz89Xq9Vff/11SUkJJb0uo8ipwfEfAbgOOZU9NkVQUNDOnTsfPXqEyslNbty4ERoaevfu3SmrAgDgVYGvj+H537dHjx5tb28vKSmpqalhq/Pw4cPS0lKNRuNyucRiMfl0L5PJnE6nQCDw9/dXq9WZmZnXrl2b5p80yOVy1CfC61joWc29Zpuf5QznCJQ/o76+vq2t7e233ybvYkvU7zV3Fh22/wjA9Pf3l5WV4U2UMLG9vd1kMoWEhJC9O66fkZHR0NDwzjvveD06AACvPF6vdCi5zdEtYgUJys3wzMzM1atXk0vITeRyuVgszsvLc7vd9ChNX18fjtI4nU6tVhsdHS0SidasWUN+751DA3fkhz4WcmXGrOZ8ss3PcoZzgiBQdsLBwcHU1NTt27cTBNHb24tex2MTSfDOM2/1lkKN3GT79u1FRUXYwiEhIXRT4CZOpzMuLu78+fP0CgAALEi8+xhKbnOr1SqRSMjnKfJp1Gg0BgYGxsbGnj59mrGJw+HArsJut1Py/PT29ioUCooAt9vd2dmZlJRUWlrqVQO3j6GPhVyZMau512zzs5zhHIG9msPhUCgUFRUV169fx9nYGBP1s8FhMa//EdDQ0JCQkIB/GYyNjQmFQropcBO1Wq3Varn1AACwkPAeK6MHl4RCYTgJ8t/KFhYWFhcX//7776WlpTgWT24SGhqKs3OjoNCzZ89wNafTKZPJKAKWLVu2cePGmpqaS5cu8dFAYXR0FPfJHShjzGruNds8Kp/NDOcPHz4cHR199913BQJBaGhofX390aNHq6qqcDiOTeQUYmUcjIyMHDly5MyZM0Ih37eskpKSWltb//333+kcFwCAVwluF0TPbc7x4NPly5dXr16NktxpNBqO+BWG8lxZTU0NzviLo1UIvV7P9hecZDieK+MzFkpWc57Z5mc5wznK304OneXm5goEApPJxCGSmOlY2Z49e44cOUL8/5Uid6yMIIisrCy1Ws14rQMAwMLDi4+h5zZnezdlYmJCpVLhP2q0WCwSiQS9G8jhEvD7McPDwxcvXsTvx6Bkf3V1dQ6HY2xsDMnALyfyfD8G9Ynfj6GPpbe3l/EhXZzVnGe2+VnOcE4QRH5+fnJysslkGh4erq+vVygUISEhKJbIkaifEe7oItt/BAiFwjVr1qDfE+T6lZWVycnJPT09DocjPz8fv+2Ej+J2u5OTk6f/QisAAK8EXnwMPbc52zv25eXllH9WLyoqSk1NJby988H2nn9ra2tqaqpMJpNIJHFxcXV1dV41UHaJRKJ169bh9/zpY7l8+TL3myU8s83PcoZzgiDcbrdWq1WpVGKxeMOGDQ0NDX19fRKJRK/XcyTqZ8TrUxKM/xEgEAjwS6nk+h6PR6vVonFlZGQw3icbGhqKiorC/44DAMAC5jWCIDgiaTExMefPn//ggw+mGoqbR1DG8vTp07Vr15aWlu7fv59nk5miv78/NjYWbksAALDg8eJjFjbXrl378MMPZ/+44GMAAFgkvERu/4XHnDgYAACAxcOi9jEAAACAT1nUsTIAAADAp8B1DAAAAOArwMcAAAAAvgJ8DAAAAOArwMcAAAAAvgJ8DAAAAOArwMcAAAAAvgJ8DAAAAOArwMcAAAAAvgJ8DAAAAOArwMcAAAAAvgJ8DAAAAOArwMcAAAAAvgJ8DAAAAOArwMcAAAAAvgJ8DAAAAOAr/gf6MYrTP3Y1hwAAAABJRU5ErkJggg==)

HTTP POST data:

![](data:image/png;base64, iVBORw0KGgoAAAANSUhEUgAAAiEAAAA3CAIAAABVZQ1/AAAACXBIWXMAAA7EAAAOxAGVKw4bAAAUbklEQVR4nO2df0wT9//HT6xQSym/K7+cgA4NcwwN6zAyR9Q41xHSbaiMoeKPIFNkHVGHjDiGDh1iVGaIMbqgcc4ZQ4hxDE3DTKeNoiO1VqwMScFSGAICVlawep8/3t/v+3O7u15PSoEPvh5/3b3v/eN5r/e7ffVed/fqJJIkCQAAAABwAW5jLQAAAACYsICPAQAAAFwF+BgAAADAVYCPAQAAAFwF+BgAAADAVYCPAQAAAFwF+BiAi4iIiNu3b4+1in8xDiUB44Tbt29//vnntEJYMGML+BjALnfu3Hnx4sVbb7011kL+yziUBIwfMjIywsPDqSWwYMacCeJjWlpavLy8xlrFaEM7676+vr1797IeGh4XLlxITk52spOXwqFsLOnx48fr1q0LDAwMDQ396quvnj175orhRqq3lpYWX19fah1cMmrwPFnqKnI1X3755dSpU0+ePDkiE9Hd3a3T6ZRKJbUQL5iWlpZJDA4fPnzp0iVvb+/u7m7cZOHChV9//TWtyeTJkyMiInbv3v38+XNU7Ycffpg5c6aHh8e8efN+++036qBPnjz54osvZsyYMXXq1NmzZ3///feolT0NTp74eIecEBiNRrFYPNYqRhvaWdN2rVark/3LZLLLly872clL4XAesaTk5OS0tDSTyWQwGBISEvLy8oY3ovNW4tOb0Wj08fEhKSeIS0YTPic7ah+lrq4uNzc3rVZrs9nIkZgIVuV4waCj1n+DhpbL5Tk5Oah+ZWVlSEiIxWKhNRkYGNBqtTKZrKioiCTJsrKy8PBwlUrV2dl55swZPz8/tVqNB01JSVEoFAaDobOzU6VSJSYm1tXVcWuYwICP+R+G28c4idls9vHxGRoaGqkO+cB9CljSwMBAWFgY+iIgSbKurm7WrFmjpXE4YI9iMpnmz5+PNmQy2VjrYmHUPkojPhCzQ+oa5hjOYDCIRKLm5mabzRYVFVVRUWGvw6tXr0ZHR5MkGRISUltbi8sPHTqUlJSEtgcGBgQCQW9vLx+FrwIOYmUfffTR/v370fbt27c9PDz6+vrQ7qZNm15//XWOo9u3b+duvn37djzQqlWrvvvuO7y7YMGCkydPEgRx8+bNBQsWTJ06NTAwcMWKFW1tbeiyeu/evYGBgcHBwSdOnGDKttfqwIEDERERnp6eq1at6u7u3r59e2BgoL+//7p1654+fYraPn36dNOmTYGBgdOnT//222/RRa49eVSeP3++c+fOadOmeXp6rlixAl19s/ZGFePr6/vZZ59hs9y8efPdd9/18vIKDQ395JNP7t27Rwsj2Iux9PX1hYeHWyyWSZMmUYMPHGMRBNHe3v7hhx96eXlFREQcOHCA2vOFCxeWLVs2ZcoUVlUEQQwODm7YsMHLy2vGjBnffPMNjiHwnDJWcyEOHz4cERHh7++/evVqqlosaerUqQ8fPvT09ETlTU1NISEhBEG0tbW9//77np6eM2fOPHjwoMNgFLYSUzO36VjtRpspJMbLy2v27NlnzpxBhaGhoX/++SfauHHjBiq8dOkSt05qBda5YBqTaXOqPLS9f//+adOm+fr6rl279p9//iEYq8ieNueXend3N8dyZcrm88llQl3DHMyePTszMzMvL+/YsWMSiWTt2rX2agqFQpvN1tfXZzabExIScPmiRYsaGhrQ9osXLwiCEAgE3IO+OjjwMUlJSSqVCm1fvHjxxYsXNTU1aFelUikUCo6jcrmcu7lcLscDrVy5sqqqCm23t7drtVqFQkEQRH19fWZmZkdHh16vDwsLy87OJgjCYrEYDAa9Xl9RUUGdaYy9Vlqt9urVq1qt1mw2z5kzp6urS6fTXb9+3Wg05ufno7Y5OTlms7m+vr6mpubChQvl5eUc8qiUlJSoVCqVStXY2BgSEoLWHGtvSIxOp9NoNHV1da2trXj0pKSkjIyM1tbWq1evJiQkCIVC7gnCeHt7GwwGdCWenp5OPWRvLIIgsrOz3d3dm5qaVCrVqVOnqK2oN2NYVRUVFQ0MDOh0upqaGrVaffToUW7j06aM1Vx4mpBas9mcl5fHKglz//79bdu2lZaWotORSCQGg+Hy5csVFRW4TiADWiesmjlMx2E3qm0lEklDQ0N1dTX2MaxkZGQsWbIE+R4aN2/eXLJkSUZGBi5hnQtWY3J/TCwWS11d3a1bt27dulVfX19SUkKwrSJWbc4vdX9/f47lSpPN85PLhP8NxV27dtXW1ubn55eVldmr8+jRo4KCAoVCYbFYhEIh1XVJJJL+/n607enpKZfLU1NTr127xuH/XiG4L3PMZrNIJEKhUplMlpubm5aWRpKk0WiUSCStra0cR4eGhribU+MwAwMDqEOSJMvLy5OTk5limpqagoKCjEYjQRA9PT3UQxwXodRW+AL26tWrbm5uAwMDaFej0aBgi81mE4vFzc3NqPzChQvx8fE85Uml0vr6emqJvd6QmP7+fiwmMjKSJMmenh6BQEALTDMDYjiOzxEro8b9WcdC8oRCIZZXWVmJe7ZYLGKxGBmZVRVJkgEBAThahULVTJtwTBnTXEy1Go0Gq6VKwphMpsjIyLNnz+LTQXNEOx0TA1YDUjVzmM6e3ai9cYhhYrFYiouL/fz8Vq5c2djYiAobGxtXrlzp5+dXXFyM7WxvLpjGZNqctjwIgqDKi4uLY7UJqzbnlzpTD3W50mTz+eSyKqcuGNRPAIXs7GzqKaSmpr722mtMG6LKfn5+QqEwKyvLarUyl01zczN1fvv7+/Py8qKiogQCwaxZswoLC9FNF4caJiSO78fExsbW1tZ2dHSEhYX19vZKpVKbzXb8+PGPP/7Y4VE+FTCpqallZWUkSS5duvT06dOosL6+funSpSEhIWiafXx8WL8XaIUOW9HuuOJds9ns7u6OyxsbG9HXjT15mN7eXoFAQLt9Z683DjGpqamxsbG5ubmlpaVXrlzhrszTx9hrTpPX0NCAD1VWVi5evBgfYqrq6emhflr8/PykUilP49szF7damiREfHw8mhR0OkKhkPV07IGHY2rmEGPPbtT6wxDT09OjUCgEAgHaFQgECoWCGdZnzgWrMZk2py0Pmjw8fayfL6q2kVrqfJYrdw8cHZKMBWM0GkUiEfV3BtWT6XQ6Hx+fuXPnHj16lLWJ2WzGp2wymajWI0myqakpICCAZGC1WjUaTXx8fEFBgUMNExXHzy7L5XKVSnXx4sWkpCRvb+/Y2Fi1Wo0jXdxH+VTAoHjU48eP6+rq8BWuQqFYtGiRWq3WarXV1dU8L86G14obVnk0Jk+e7OQoP//88/Hjx2NiYoaGhnJzc7du3epkh8ODFmRgqrJarW5ubrdu3dJqtVqtVqfTabVaVJm/8V/KXMy4R3t7u06n42Mih7EyVyyYl+LBgwfZ2dlqtbqoqAiVFBUVqdXqzZs3P3jwgFrT3gpxfu3x1+bS4UYK5oJxc3MLpUC9XZeTk5Obm3vkyJGCgoLHjx8zmwQHB+NTRiE+6uPy/f39EomEqcHDw2PBggVlZWXnzp1zqGHC4tALaTQamUyWnJxcXV1NkmR5eXlOTk5QUJDZbHZ4lE8FjNVq9fPzO3ToEL7E6ezsxD/rSJLUarV8rmP4tLL3a8jeJT+rPBpSqVSr1VJLOAIIHGKoysPCwvr7+93c3KjRhpG6jkHxHKPRiHZxPMdmswUEBGDZrKpIkhSLxcxgF/8pY5qLQy2rJJvNRi2hhaeqqqp4xspYNXOLYbUbR6yMKoZJVlaWWCzOzc3t6uqilnd1dSmVSrFYnJWVxdoQzwXTmA6vYwhKrKyqqsperIxV24gsdZdexzAXDEc4/fz586+99hqKvykUChy/4mhCe66srKwMP1dGkiSObSLUajWKEL6az5XxenZZKpVKpVIUBTaZTBKJJDY2ludR7gq0yHJaWppEIjl37hy1bXl5eW9vb2Njo0KhsPeF1d/fLxAIDAYDup512IpjpW7cuDE5Obm1tVWv18+fPx+HYljlUfUXFxfLZDKdTmcymdDvPnu92RPT0NCwfPny2trarq6u1tbWjRs3ooUrk8k2btzY0dHR2NiYkJCApdLO2mKxCAQCFDTn42PI/3+Q32g06vX6mJgYdEitVs+dOxfXsacqKysrPj5er9ebzeaSkhL03gD/KWM1lz21NEms9idJUqFQpKSkmEwmvV4fGxvLP1bG1MxtOla70erzF5Oeno49FqvI9PR0tG1vLpjG5ONjqPIKCwvRIeoqsqfN+aXO1OO8j2ltbcUhLOaCMdp5N2VgYCA8PBxHvxsbG0UikU6nYxWDwe/HdHV1nT17lvp+jMFgkEqlx44dM5vNvb29SElxcTGHBtYhJgy8fExaWlpKSgrejYuLy8/P53mUowJzCquqqsRiMb6hR5KkWq2Oi4sTCoVBQUG5ubn2vrBIkszLyxOJROjZdoetOFaqxWLJzMwMCAgICwvDN+tY5dH6tNlsO3bsCAgIEAqFCoUC/e5j7c2emKGhocLCwqioKHd3d6lUmp6e3tHRQZJkU1PT4sWLxWJxdHR0WVkZVTn1rEmSLCwsRLs8fUxHR0dSUpJYLA4PD9+3bx86tG3bNuoM2lNltVqVSmVYWJhIJJLL5fg3I88pYzWXPbU0SaznQpKkyWRatmyZSCSKjIwsLS3l72OYmrlNx2o3Wn0kRiwWR0VF8RHDB3tzwTSmQx8jFov37dsnlUp9fHzWrFlD/dDhVWRPhvNLnVUPsz53D7Rdq9UqFAqRd2QuGORWaRw6dKioqIj2uIpSqUxMTGQVQ6WsrCwyMtLd3T02NhYFaTDV1dWJiYkSiUQkEsXExBw7doxbg70hJgYT5B1MwHnQ7y+SJKOioq5fvz7Wcv7FMCTZi0DS6jgfu8B2+x9iogZtcnJy0H3+cbiGX1ngRSHg/9BqtZGRkQRB3L9/f6y10BmHkjDYbsCYU1paip49Gc8L5lVjZHJiouzZz549+/TTT//++2/+TUZkdGDY7N69+8SJE48ePbpx40Z+fn5WVtZYKxo9nj17ptFowsLChtH2VbbbeGbKlClvv/32WKsA/sUI+BicPXvKlCnu7u7btm3j38T50QFnSExMLC8vDwsLS09Pz8nJ4ciiMfHIzMzMzs4uLi4eRttX2W4A8HI4jKZR71MJBIK5c+ei16oxe/bswU/71dfX45cWOaA2GTY8Y8q9vb3ooQ5urly5EhsbKxKJ4uPj0VMlzghj2nn0k+wCAACMObyuY/DzdmazuaCgIDs7+9dff8VHqe86+fn5WSwWhx2OyB+TzJgxo6ury2E15GMcVktNTS0sLDSZTMuXL1+/fr2T2mhPKBoMBic7BAAA+F+Eb6zMw8PDw8MjMDBw1apVe/bswQnv2tvbGxsbExMT+Q85jCYcqpzvBGGz2eLi4nx9fePi4oaGhpzv0IMC/9SWAAAAE4nh3I+RyWR6vR5t88yeTc0QTmsyHnKVEwSxefNmuVy+ZcuW/Px8ZpZcVpHDgyMFOq5DzUuPTeHr67tixQqU6IJa/8aNG8HBwXfu3Bm2JAAAABcxHB/j5+eHE1k7jHoxk5PTmoyHXOUEQaBMGBUVFTU1NW+88QbtKKtIh1mwWLGXAh3T0tJSWFiId1Hqw9raWr1eHxQUhL07rpySknL69Ok333yTz+gAAACjisM7Nqxv3qI72Mx069TKrMnJaU3GSa5ylGSwo6MjMTFx+fLlJEk2NTXhF+vsieSfMd5hPjRqk+XLlyuVSvyMQFBQEGsOfLFY3N/fHxMTc+rUKRIAAGBc4tQ7mJcvX5bJZPZSh0ZHRyclJTU3N3t7e9tr4uvrm5KSEh8fv3jx4pCQkLi4uPfee6+vr6+npycmJobWoVgs5khTKhQKp0+fjrbnzJnT2trKWs3T03Pnzp1ZWVnr16+Pjo5GyVPz8/NramqmTZt25syZmJiYvXv3Ij0cIgmCCA0N5WMlKp2dnUNDQxEREVgn7SG0n376qaurKycnB/3FVl9fX2dnJ9MUiNTUVLlcvnr16peVAQAAMDoMJ1bW09ODEllzB8pYk5Mzm4x5rvJHjx719PTMmzePIIjg4OCKiopdu3aVlJRQw3GsIocXK+Ogu7t7x44dx48fd3PjNS/x8fHV1dVPnjxxclwAAABX4fBKhxn5OXr0qFwuZ023TqtMS07OnTSeHKNc5SgNO46bkSSZmZlJEIRer+cWOeKxsjVr1uzYsYP8d64tjlgZSZJpaWloLlilAgAAjC18r2MGBwcHBwe7u7t/+eWXgoKCzZs3azSaoKAgHPZB2Gw2geC/8Td/f/+DBw/q9Xr00gyzyb179z744IPff/+9u7v74cOHR44ciY2NJQhCqVRmZmbeuXOnra1t69atf/zxBx+Rubm5bW1td+/eLSwsTEpKQoUBAQFWq/Wvv/5CuxaLRa/XHzhwwN/fH5VMnjx5/fr1GRkZd+/e7e7uPnnyZGVlZVBQ0NmzZ7lFhjJwqHDy5MmpqalKpfLhw4dIZ1paGjo0MDCg0Wiod/sRSqUyOzv73r177e3tW7ZsoZnixx9/7O3tVSqVfOwDAAAw2jj0QrT3/KOjo9F7/qzp1s+fPx8TE2OvK2aTcZKr3Gq15uXlhYeHC4XC+fPnnz59urm5WSQSof+EsCeSw2L2rmNI+ynQCYK4fPkys77NZsvLy0PnlZKSgp56oA7R2dkZGRlJ/Z8bAACAccIkkiSH55xmz5596tSpd955B5cMDg7OmTOnoKBgw4YNPJuMFC0tLXPnzoU7EwAAAOOK4fsYVq5du7Zw4cIR7JAn4GMAAADGISOT2x8zJg4GAAAAGJ+MsI8BAAAAAMwIx8oAAAAAAAPXMQAAAICrAB8DAAAAuArwMQAAAICrAB8DAAAAuArwMQAAAICrAB8DAAAAuArwMQAAAICrAB8DAAAAuArwMQAAAICrAB8DAAAAuArwMQAAAICrAB8DAAAAuArwMQAAAICrAB8DAAAAuArwMQAAAICr+A/yABXWyouMSgAAAABJRU5ErkJggg==)

Cookies:

![](data:image/png;base64, iVBORw0KGgoAAAANSUhEUgAAAiEAAAA3CAIAAABVZQ1/AAAACXBIWXMAAA7EAAAOxAGVKw4bAAAUbklEQVR4nO2df0wT9//HT6xQSym/K7+cgA4NcwwN6zAyR9Q41xHSbaiMoeKPIFNkHVGHjDiGDh1iVGaIMbqgcc4ZQ4hxDE3DTKeNoiO1VqwMScFSGAICVlawep8/3t/v+3O7u15PSoEPvh5/3b3v/eN5r/e7ffVed/fqJJIkCQAAAABwAW5jLQAAAACYsICPAQAAAFwF+BgAAADAVYCPAQAAAFwF+BgAAADAVYCPAQAAAFwF+BiAi4iIiNu3b4+1in8xDiUB44Tbt29//vnntEJYMGML+BjALnfu3Hnx4sVbb7011kL+yziUBIwfMjIywsPDqSWwYMacCeJjWlpavLy8xlrFaEM7676+vr1797IeGh4XLlxITk52spOXwqFsLOnx48fr1q0LDAwMDQ396quvnj175orhRqq3lpYWX19fah1cMmrwPFnqKnI1X3755dSpU0+ePDkiE9Hd3a3T6ZRKJbUQL5iWlpZJDA4fPnzp0iVvb+/u7m7cZOHChV9//TWtyeTJkyMiInbv3v38+XNU7Ycffpg5c6aHh8e8efN+++036qBPnjz54osvZsyYMXXq1NmzZ3///feolT0NTp74eIecEBiNRrFYPNYqRhvaWdN2rVark/3LZLLLly872clL4XAesaTk5OS0tDSTyWQwGBISEvLy8oY3ovNW4tOb0Wj08fEhKSeIS0YTPic7ah+lrq4uNzc3rVZrs9nIkZgIVuV4waCj1n+DhpbL5Tk5Oah+ZWVlSEiIxWKhNRkYGNBqtTKZrKioiCTJsrKy8PBwlUrV2dl55swZPz8/tVqNB01JSVEoFAaDobOzU6VSJSYm1tXVcWuYwICP+R+G28c4idls9vHxGRoaGqkO+cB9CljSwMBAWFgY+iIgSbKurm7WrFmjpXE4YI9iMpnmz5+PNmQy2VjrYmHUPkojPhCzQ+oa5hjOYDCIRKLm5mabzRYVFVVRUWGvw6tXr0ZHR5MkGRISUltbi8sPHTqUlJSEtgcGBgQCQW9vLx+FrwIOYmUfffTR/v370fbt27c9PDz6+vrQ7qZNm15//XWOo9u3b+duvn37djzQqlWrvvvuO7y7YMGCkydPEgRx8+bNBQsWTJ06NTAwcMWKFW1tbeiyeu/evYGBgcHBwSdOnGDKttfqwIEDERERnp6eq1at6u7u3r59e2BgoL+//7p1654+fYraPn36dNOmTYGBgdOnT//222/RRa49eVSeP3++c+fOadOmeXp6rlixAl19s/ZGFePr6/vZZ59hs9y8efPdd9/18vIKDQ395JNP7t27Rwsj2Iux9PX1hYeHWyyWSZMmUYMPHGMRBNHe3v7hhx96eXlFREQcOHCA2vOFCxeWLVs2ZcoUVlUEQQwODm7YsMHLy2vGjBnffPMNjiHwnDJWcyEOHz4cERHh7++/evVqqlosaerUqQ8fPvT09ETlTU1NISEhBEG0tbW9//77np6eM2fOPHjwoMNgFLYSUzO36VjtRpspJMbLy2v27NlnzpxBhaGhoX/++SfauHHjBiq8dOkSt05qBda5YBqTaXOqPLS9f//+adOm+fr6rl279p9//iEYq8ieNueXend3N8dyZcrm88llQl3DHMyePTszMzMvL+/YsWMSiWTt2rX2agqFQpvN1tfXZzabExIScPmiRYsaGhrQ9osXLwiCEAgE3IO+OjjwMUlJSSqVCm1fvHjxxYsXNTU1aFelUikUCo6jcrmcu7lcLscDrVy5sqqqCm23t7drtVqFQkEQRH19fWZmZkdHh16vDwsLy87OJgjCYrEYDAa9Xl9RUUGdaYy9Vlqt9urVq1qt1mw2z5kzp6urS6fTXb9+3Wg05ufno7Y5OTlms7m+vr6mpubChQvl5eUc8qiUlJSoVCqVStXY2BgSEoLWHGtvSIxOp9NoNHV1da2trXj0pKSkjIyM1tbWq1evJiQkCIVC7gnCeHt7GwwGdCWenp5OPWRvLIIgsrOz3d3dm5qaVCrVqVOnqK2oN2NYVRUVFQ0MDOh0upqaGrVaffToUW7j06aM1Vx4mpBas9mcl5fHKglz//79bdu2lZaWotORSCQGg+Hy5csVFRW4TiADWiesmjlMx2E3qm0lEklDQ0N1dTX2MaxkZGQsWbIE+R4aN2/eXLJkSUZGBi5hnQtWY3J/TCwWS11d3a1bt27dulVfX19SUkKwrSJWbc4vdX9/f47lSpPN85PLhP8NxV27dtXW1ubn55eVldmr8+jRo4KCAoVCYbFYhEIh1XVJJJL+/n607enpKZfLU1NTr127xuH/XiG4L3PMZrNIJEKhUplMlpubm5aWRpKk0WiUSCStra0cR4eGhribU+MwAwMDqEOSJMvLy5OTk5limpqagoKCjEYjQRA9PT3UQxwXodRW+AL26tWrbm5uAwMDaFej0aBgi81mE4vFzc3NqPzChQvx8fE85Uml0vr6emqJvd6QmP7+fiwmMjKSJMmenh6BQEALTDMDYjiOzxEro8b9WcdC8oRCIZZXWVmJe7ZYLGKxGBmZVRVJkgEBAThahULVTJtwTBnTXEy1Go0Gq6VKwphMpsjIyLNnz+LTQXNEOx0TA1YDUjVzmM6e3ai9cYhhYrFYiouL/fz8Vq5c2djYiAobGxtXrlzp5+dXXFyM7WxvLpjGZNqctjwIgqDKi4uLY7UJqzbnlzpTD3W50mTz+eSyKqcuGNRPAIXs7GzqKaSmpr722mtMG6LKfn5+QqEwKyvLarUyl01zczN1fvv7+/Py8qKiogQCwaxZswoLC9FNF4caJiSO78fExsbW1tZ2dHSEhYX19vZKpVKbzXb8+PGPP/7Y4VE+FTCpqallZWUkSS5duvT06dOosL6+funSpSEhIWiafXx8WL8XaIUOW9HuuOJds9ns7u6OyxsbG9HXjT15mN7eXoFAQLt9Z683DjGpqamxsbG5ubmlpaVXrlzhrszTx9hrTpPX0NCAD1VWVi5evBgfYqrq6emhflr8/PykUilP49szF7damiREfHw8mhR0OkKhkPV07IGHY2rmEGPPbtT6wxDT09OjUCgEAgHaFQgECoWCGdZnzgWrMZk2py0Pmjw8fayfL6q2kVrqfJYrdw8cHZKMBWM0GkUiEfV3BtWT6XQ6Hx+fuXPnHj16lLWJ2WzGp2wymajWI0myqakpICCAZGC1WjUaTXx8fEFBgUMNExXHzy7L5XKVSnXx4sWkpCRvb+/Y2Fi1Wo0jXdxH+VTAoHjU48eP6+rq8BWuQqFYtGiRWq3WarXV1dU8L86G14obVnk0Jk+e7OQoP//88/Hjx2NiYoaGhnJzc7du3epkh8ODFmRgqrJarW5ubrdu3dJqtVqtVqfTabVaVJm/8V/KXMy4R3t7u06n42Mih7EyVyyYl+LBgwfZ2dlqtbqoqAiVFBUVqdXqzZs3P3jwgFrT3gpxfu3x1+bS4UYK5oJxc3MLpUC9XZeTk5Obm3vkyJGCgoLHjx8zmwQHB+NTRiE+6uPy/f39EomEqcHDw2PBggVlZWXnzp1zqGHC4tALaTQamUyWnJxcXV1NkmR5eXlOTk5QUJDZbHZ4lE8FjNVq9fPzO3ToEL7E6ezsxD/rSJLUarV8rmP4tLL3a8jeJT+rPBpSqVSr1VJLOAIIHGKoysPCwvr7+93c3KjRhpG6jkHxHKPRiHZxPMdmswUEBGDZrKpIkhSLxcxgF/8pY5qLQy2rJJvNRi2hhaeqqqp4xspYNXOLYbUbR6yMKoZJVlaWWCzOzc3t6uqilnd1dSmVSrFYnJWVxdoQzwXTmA6vYwhKrKyqqsperIxV24gsdZdexzAXDEc4/fz586+99hqKvykUChy/4mhCe66srKwMP1dGkiSObSLUajWKEL6az5XxenZZKpVKpVIUBTaZTBKJJDY2ludR7gq0yHJaWppEIjl37hy1bXl5eW9vb2Njo0KhsPeF1d/fLxAIDAYDup512IpjpW7cuDE5Obm1tVWv18+fPx+HYljlUfUXFxfLZDKdTmcymdDvPnu92RPT0NCwfPny2trarq6u1tbWjRs3ooUrk8k2btzY0dHR2NiYkJCApdLO2mKxCAQCFDTn42PI/3+Q32g06vX6mJgYdEitVs+dOxfXsacqKysrPj5er9ebzeaSkhL03gD/KWM1lz21NEms9idJUqFQpKSkmEwmvV4fGxvLP1bG1MxtOla70erzF5Oeno49FqvI9PR0tG1vLpjG5ONjqPIKCwvRIeoqsqfN+aXO1OO8j2ltbcUhLOaCMdp5N2VgYCA8PBxHvxsbG0UikU6nYxWDwe/HdHV1nT17lvp+jMFgkEqlx44dM5vNvb29SElxcTGHBtYhJgy8fExaWlpKSgrejYuLy8/P53mUowJzCquqqsRiMb6hR5KkWq2Oi4sTCoVBQUG5ubn2vrBIkszLyxOJROjZdoetOFaqxWLJzMwMCAgICwvDN+tY5dH6tNlsO3bsCAgIEAqFCoUC/e5j7c2emKGhocLCwqioKHd3d6lUmp6e3tHRQZJkU1PT4sWLxWJxdHR0WVkZVTn1rEmSLCwsRLs8fUxHR0dSUpJYLA4PD9+3bx86tG3bNuoM2lNltVqVSmVYWJhIJJLL5fg3I88pYzWXPbU0SaznQpKkyWRatmyZSCSKjIwsLS3l72OYmrlNx2o3Wn0kRiwWR0VF8RHDB3tzwTSmQx8jFov37dsnlUp9fHzWrFlD/dDhVWRPhvNLnVUPsz53D7Rdq9UqFAqRd2QuGORWaRw6dKioqIj2uIpSqUxMTGQVQ6WsrCwyMtLd3T02NhYFaTDV1dWJiYkSiUQkEsXExBw7doxbg70hJgYT5B1MwHnQ7y+SJKOioq5fvz7Wcv7FMCTZi0DS6jgfu8B2+x9iogZtcnJy0H3+cbiGX1ngRSHg/9BqtZGRkQRB3L9/f6y10BmHkjDYbsCYU1paip49Gc8L5lVjZHJiouzZz549+/TTT//++2/+TUZkdGDY7N69+8SJE48ePbpx40Z+fn5WVtZYKxo9nj17ptFowsLChtH2VbbbeGbKlClvv/32WKsA/sUI+BicPXvKlCnu7u7btm3j38T50QFnSExMLC8vDwsLS09Pz8nJ4ciiMfHIzMzMzs4uLi4eRttX2W4A8HI4jKZR71MJBIK5c+ei16oxe/bswU/71dfX45cWOaA2GTY8Y8q9vb3ooQ5urly5EhsbKxKJ4uPj0VMlzghj2nn0k+wCAACMObyuY/DzdmazuaCgIDs7+9dff8VHqe86+fn5WSwWhx2OyB+TzJgxo6ury2E15GMcVktNTS0sLDSZTMuXL1+/fr2T2mhPKBoMBic7BAAA+F+Eb6zMw8PDw8MjMDBw1apVe/bswQnv2tvbGxsbExMT+Q85jCYcqpzvBGGz2eLi4nx9fePi4oaGhpzv0IMC/9SWAAAAE4nh3I+RyWR6vR5t88yeTc0QTmsyHnKVEwSxefNmuVy+ZcuW/Px8ZpZcVpHDgyMFOq5DzUuPTeHr67tixQqU6IJa/8aNG8HBwXfu3Bm2JAAAABcxHB/j5+eHE1k7jHoxk5PTmoyHXOUEQaBMGBUVFTU1NW+88QbtKKtIh1mwWLGXAh3T0tJSWFiId1Hqw9raWr1eHxQUhL07rpySknL69Ok333yTz+gAAACjisM7Nqxv3qI72Mx069TKrMnJaU3GSa5ylGSwo6MjMTFx+fLlJEk2NTXhF+vsieSfMd5hPjRqk+XLlyuVSvyMQFBQEGsOfLFY3N/fHxMTc+rUKRIAAGBc4tQ7mJcvX5bJZPZSh0ZHRyclJTU3N3t7e9tr4uvrm5KSEh8fv3jx4pCQkLi4uPfee6+vr6+npycmJobWoVgs5khTKhQKp0+fjrbnzJnT2trKWs3T03Pnzp1ZWVnr16+Pjo5GyVPz8/NramqmTZt25syZmJiYvXv3Ij0cIgmCCA0N5WMlKp2dnUNDQxEREVgn7SG0n376qaurKycnB/3FVl9fX2dnJ9MUiNTUVLlcvnr16peVAQAAMDoMJ1bW09ODEllzB8pYk5Mzm4x5rvJHjx719PTMmzePIIjg4OCKiopdu3aVlJRQw3GsIocXK+Ogu7t7x44dx48fd3PjNS/x8fHV1dVPnjxxclwAAABX4fBKhxn5OXr0qFwuZ023TqtMS07OnTSeHKNc5SgNO46bkSSZmZlJEIRer+cWOeKxsjVr1uzYsYP8d64tjlgZSZJpaWloLlilAgAAjC18r2MGBwcHBwe7u7t/+eWXgoKCzZs3azSaoKAgHPZB2Gw2geC/8Td/f/+DBw/q9Xr00gyzyb179z744IPff/+9u7v74cOHR44ciY2NJQhCqVRmZmbeuXOnra1t69atf/zxBx+Rubm5bW1td+/eLSwsTEpKQoUBAQFWq/Wvv/5CuxaLRa/XHzhwwN/fH5VMnjx5/fr1GRkZd+/e7e7uPnnyZGVlZVBQ0NmzZ7lFhjJwqHDy5MmpqalKpfLhw4dIZ1paGjo0MDCg0Wiod/sRSqUyOzv73r177e3tW7ZsoZnixx9/7O3tVSqVfOwDAAAw2jj0QrT3/KOjo9F7/qzp1s+fPx8TE2OvK2aTcZKr3Gq15uXlhYeHC4XC+fPnnz59urm5WSQSof+EsCeSw2L2rmNI+ynQCYK4fPkys77NZsvLy0PnlZKSgp56oA7R2dkZGRlJ/Z8bAACAccIkkiSH55xmz5596tSpd955B5cMDg7OmTOnoKBgw4YNPJuMFC0tLXPnzoU7EwAAAOOK4fsYVq5du7Zw4cIR7JAn4GMAAADGISOT2x8zJg4GAAAAGJ+MsI8BAAAAAMwIx8oAAAAAAAPXMQAAAICrAB8DAAAAuArwMQAAAICrAB8DAAAAuArwMQAAAICrAB8DAAAAuArwMQAAAICrAB8DAAAAuArwMQAAAICrAB8DAAAAuArwMQAAAICrAB8DAAAAuArwMQAAAICrAB8DAAAAuArwMQAAAICr+A/yABXWyouMSgAAAABJRU5ErkJggg==)

Research’s Comment:

![](data:image/png;base64, iVBORw0KGgoAAAANSUhEUgAAAiEAAAAjCAIAAADNIk3yAAAACXBIWXMAAA7EAAAOxAGVKw4bAAAJ2ElEQVR4nO2cYUhT3xvHb2OWrut0OnXaRO2FiEhJjKGxqERIxpClZmCWQqIRJiYUYmBLKksJykx8E2hviggRkZAYBSIjbM0lw0TEctgcoubsamup9//i8L/sv3vvuVdzf/v9fD4v4t67c773+zzP2Z7tXGkPTdMEAAAAAAQByU4bAAAAAP61QI8BAAAAggX0GAAAACBYQI8BAAAAggX0GAAAACBYQI8BAAAAggX0GAAAACBYQI8BAAAAgoVwj5meng4PD9+CtMfjaW5u3sLEYIj7j99yRHxsu+Dfwz86tKtXr4aFhXV3d++0EWHE5PkfXQtg1yLcY5KSkubn57cgvbS0dPfu3S1MDIZ4UM0AfyELCwttbW3v378vLS3daS8AsHuRihm0b9++YPsAgO2FoiiZTHb48OGdNgIAuxqxe2UBv9Onp6cVCgU6/vDhw7Fjx8LDww8cOFBYWPj582eCIDweT3JyMkVRe/bs8d+sQDqtra1xcXEKhaKsrOznz5+MTnZ2dlhYWExMzJkzZ759+8anzxb/9evXxYsXw8PDk5KSbt68ub6+7h8Cp5lHjx6lpKRER0efP3/e4/Ggi3gdjEmCIO7fv88OamVlpaqqKiYmJjEx8datW0jw7Nmzd+7cYSZmZ2d3d3cL3vrLly/79+8fGRkhCGJhYUGhULx7944v/5wXA6rAria63tzcHBMTEx8f//TpU/Z6YOAMDSk8ePAgJSVFoVCcO3eOyS0+jZiJT548OXXqFDP3xo0bZWVleCcLCwucy49PChPLZrN0+vTp1tZWdPzp06d9+/YxgVRVVV27dg1TaM4lFAB7DKcfdkSCxgieZcNpeFNLBdjNbMMzf4PBUF5e7nQ6h4aGdDpdaGgoQRARERHj4+MkSXq93oDNCoqihoeHrVar1Wq12WwtLS3ous1mq6ysdLvdDodDrVZXV1fz6bPFm5qaVldXR0dHBwYGBgcHOzs7/e/IHk9RlN1ut1gsw8PDLpervr4ejcTrYExSFGX9L/5B1dTUuFwum802MDDQ19fX0dFBEERxcXFvby8aMDs7a7fbjUaj4K1TUlIaGhpqa2sJgmhsbNTr9SdPnuTLP+dFMVAUNT4+7nA4urq6dDodZiRnaEhhdHQU5dbpdDY0NLDncqaRb6LRaBwcHPzx4wc67evrKygowDuJjo7mXH58UnyxbCFLBoPBbDaj4/7+/o2NjYGBAXRqNpv1ej1fofmWUMB9Ocew/bAjEjRG8CwbjGGRSwXY1dBCfP36lSRJ9K//xcjISJqmFxcXpVKp1+vlm8i+SBCE0+lEpz09PRqNhj13cnJSpVJh9APElUolRVHo2G63a7VazHjkYXl5GZ1aLJaDBw+K1OE0yRfU2toaSZJTU1Poel9fX1ZWFk3Tq6urcrkcje/o6MjPzxd5a5/Pl5aWZjKZlEql2+3myw+mKOxs0H7VRIEsLi7yjWTgCy0gt0NDQ0xu+UBpxE/Mysp69eoV48c/NIwTTudsKZEKmCz543K5ZDIZcqjVauvq6kpKStAsuVzu8/k4Cy3mfcE3hu2HMyJBY3zLBmOYLwkAwCDqeQwGhUJRVFSUlZWVk5OTkJCg0WiOHz+OnxIaGpqYmIiO09LSnE4nOh4ZGbl+/frY2JjP59vY2NjY2BCp//379/n5+eTkZHS6sbEhlQrERZIksw2SkJCwuLgoUofTJF9Qc3NzPp8vJSWFuY7emWFhYXq9vre398qVKz09PeXl5SJDCAkJaW9vz83NbWtri4uL48vPForinxlmFxQDX2jE/+ZWrVaj3AbAmUbMRKPR2N/fX1hY2N/fr9fr/R8QYpxwwpaanZ3dlAKBzVJ8fHxqaqrFYklPT3e5XI2Njampqevr62azOTc3l6IovkLzvS/84RsT4IczJ3hjISEhnMsGszJFLhVgl/OnPYYgiOfPn3/8+NHhcLhcrrq6uqNHjz5+/HgLOkajsaKiorOzMzQ0dGZmJi8vT6S+1+uVSCRWq5VZ/RLJVvYAxejwmdwsxcXF7e3tpaWlw8PDPT09FEWJDMHtdkskErfbzVzhzM92FSVIbDaNBQUFaDemv7+/vLz8T269jVJ86PV6s9k8NTVlMBgiIiIyMzMHBwfRftR2rdVtN4YGsJdNQ0PDDhoG/g0I/tJBOwbLy8sSicR/KwPtGwRgt9vVarX/RLYa4fd7v7e3F/3en5ubk0ql/jp4/QBxkiRtNptgFJzGmD0QQR0+k3xB8W3C0DTt9XqjoqIePnxYUFAgMgSappeWllQq1YsXL6KiosbGxtgD/POPuchXTXbJtrBXxpdbBs40Ck7MyMgwm82RkZGM7U05wUjxKYjPUgAWi0Wr1ebn579+/Zqm6Y6OjpqaGpVK5XK5aJ5C8y0hMWPYfvgiwhsLgFk2fIbxSQAAhNgeQ9O0VqutqKhwu90TExM6nQ6938bGxvLy8t6+fTs/P+90OisqKgwGA5pIUZRUKp2YmAhQIwiiqKhoZmbG4XBkZmaaTCb0UmxsbEdHx9LS0sTEhNFoxOsHiF+6dCkrKwt9/2ppaWlqagqIwn885uNMUIfTJCaoioqK/Px8p9PpcDiOHDnS1tbGSJWUlMjl8pcvX4q8NU3Tly9fLi4upmn69u3bJ06c4MsPpigMnNVkf3AsLy9LpdLx8fG1tbUABc7QxPQYzjQKTmxsbDx06BA7EJFO8FJ8ZRKZJc4AY2Nj0bONmZkZuVyemZmJXuIsNGYJ+eeEcwynH76IMMb4lg2fYegxgBg20WMmJydzcnJIkkxPT29ra0PvN5/PZzKZUlNT9+7dGxsbW1paip5FI0wmk0wm6+rqClC7d+9ebGxsZGTkhQsXVldX0UuDg4MajSY0NFSlUtXV1Qnq+4t7vd7a2lq1Wi2TyfR6PfMNzh9mPObjTFCH0yQSbGlpYQdFUVRlZaVSqVSr1SaTyf+Ture3lyRJZqTgra1WK0mS6Gus1+tNTk5+9uwZZ37wRUFwVpPzg6O+vj6giJjQRPYYdhoFJ9rtdoIg2DZEOsFL8ZVJfJYCKCkpKSoqYk41Gk1DQwM65iw0Zgn554RzDKcfvogwxviWDcYwPgkAQNP0Hpqm8Ztp09PTGRkZzJ97/iHbqwbsHlZWVpRKpcvl+vPnzNsoBQAAHnh8B/wzePPmjU6n25ausI1SAADgEegxv3//tlgsarX6/+MGADjxeDzt7e3FxcV/lRQAAIII9JjKysrq6mr43ySBnYV5AvFXSQEAIIjw8xgAAAAA2BrwPAYAAAAIFtBjAAAAgGABPQYAAAAIFtBjAAAAgGABPQYAAAAIFtBjAAAAgGABPQYAAAAIFtBjAAAAgGABPQYAAAAIFtBjAAAAgGDxHzoe3nRIV6+vAAAAAElFTkSuQmCC)

Screenshot: varlamov.consulting vulnerability

Mirror: Click here to view the mirror

Coordinated Disclosure Timeline

Vulnerability Reported: 5 March, 2020 07:48 GMT
Vulnerability Verified: 5 March, 2020 08:00 GMT
Website Operator Notified: 5 March, 2020 08:00 GMT
a. Using the ISO 29147 guidelines
b. Using publicly available security contacts
c. Using Open Bug Bounty notification framework
d. Using security contacts provided by the researcher
Public Report Published
[without any technical details]: 5 March, 2020 08:00 GMT
Public Disclosure: A security researcher can delete the report before public disclosure, afterwards the report cannot be deleted or modified anymore. The researcher can also postpone public disclosure date as long as reasonably required to remediate the vulnerability. 3 June, 2020 07:48 GMT
JSON