bpw-bern.ch Cross Site Scripting vulnerability OBB-1252021

2020-08-06T09:44:00

Description

Following coordinated and responsible vulnerability disclosure guidelines of the **[ISO 29147](<https://www.iso.org/standard/45170.html>)** standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence. Affected Website:| **[bpw-bern.ch](<https://bpw-bern.ch>) ** ---|--- Open Bug Bounty Program:| **View Open Bug Bounty Program** Vulnerable Application:| Other Vulnerability Type:| **[XSS (Cross Site Scripting)](<https://www.owasp.org/index.php/Cross-site_Scripting_\(XSS\)>)** / CWE-79 CVSSv3 Score:| 6.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N] Disclosure Standard:| Coordinated Disclosure based on **[ISO 29147](<https://www.iso.org/standard/45170.html>)** guidelines Discovered and Reported by:| **metamorfosec ** Remediation Guide:| **[OWASP XSS Prevention Cheat Sheet](<https://github.com/OWASP/CheatSheetSeries/blob/master/cheatsheets/Cross_Site_Scripting_Prevention_Cheat_Sheet.md>)** Export Vulnerability Data:| Bugzilla Vulnerability Data JIRA Vulnerability Data [ Configuration ] Mantis Vulnerability Data Splunk Vulnerability Data XML Vulnerability Data [ XSD ] Vulnerable URL: ![](data:image/png;base64, iVBORw0KGgoAAAANSUhEUgAAAiEAAAA3CAIAAABVZQ1/AAAACXBIWXMAAA7EAAAOxAGVKw4bAAATqElEQVR4nO2de1AT1/fAlxAhQHgFiLxsACkylKEppREttQx2WsswDipqa6kiMhQZHxmKlFiGMjiDimAVKcM4tmPVqn9YxzqMWpvaNtLUotKIKWKKDGCMFAMCpjRgYL9/3On+tvtieQT41fP5K/fu3XPPOfcmhz27e3DAcRwDAAAAADsgmGkFAAAAgP8sEGMAAAAAewExBgAAALAXEGMAAAAAewExBgAAALAXEGMAAAAAezF7Y0xoaOitW7fYms8ss9wPs1w9YAa5devW5s2bZ1oLYLqZpTHm9u3bo6OjL774ImPzmWWW+2GWqwfMLBkZGSEhITOtBTDdjBFjOjo63N3dGQ/19/fv3r2brTlJzp8/v3z5ckqTQ5mpYhqmmMzUhFuePHmyfft2mUzm4uKyYMGCvXv3joyMjHfGqV0ysnoz6MZp4/Hjxxs3bvTz8wsKCvroo4+ePn1KWN3R0eHt7T2dyvB0+IRXfGILSp6up6enqalJqVQySjt06ND8+fOdnZ1feumlixcvUqZ2+AdHR8fQ0NBdu3ah3U4+RHDw4EF0yNHR8erVqxRRxLpQzp03b55KpXr69CmbveRzDx06FBoa6ubmtnDhwu+//55NW7pYDku5ZxzTnFkNzkl7e7tYLOZziGPkBFAoFJcvX6Y0p3YKRqZhislMTbglLS0tNTW1paWlu7tbrVYnJiY2NDTYY8ZxQag3g26cNpYvX75u3Tqj0djS0pKQkFBYWEhY3d7e7uXlNc36WK3WMcdMeF0mdiL5LLbPOI5XVVWFhISo1eru7u6TJ09KJBKNRkMRYrVarVbr4OCgTqdTKBSlpaWUQwQ2mw0dwjAsLCzMYrGQRRHrQhGr1+sXL15cVFTEZi9xblVVVVhY2JUrV8xm85kzZ3x9fevr69m0pYjlsJRjRj7mzGZmY4wxmUxeXl7Dw8OU5jMeYwg/DA4OCoXCvr4+e884Lsir9p+PMYODg8HBwcQXvqGhITw83Gg0xsbG4jhuNBoVCsWMKsjMLIkxhKMQgYGBV65cIZoHDhxISUnhmLq+vj4qKopbq/b2dldX19jY2JycHHInJcaQT9FqtZGRkWxHiXMp2tbW1nJrSxbLYemYMYbbnNkMr/sxBw8eDA0N9fHxef/99/v7+zEM6+/vDwkJsVgsDg4OX375Jbm5f/9+d3f3ffv2zZ0719vbe8OGDX///TeSc/369ddee83d3T0oKGjVqlV37txhnO78+fNvvvnmnDlzGJt79+6lSEaXmfQZV6xYsW/fPnTWrVu3nJ2dkfIYhn3wwQc7duxgs5c+BYZhQ0NDmzZtcnd3l8lkn3zyCXG17u7uvnv3bj8/v4CAgM8//xz1VFZWhoaGent7v/fee8SkZEZGRlQq1dy5c93c3FavXt3T08PmarpbRkdHMQwTCoV0sZ999tlbb71FND/++OMNGzYwup2yghzWIVvc3NzWrl3b09OzY8cOPz8/Hx+fjRs3/vXXX2yrhuAvgW0R6R5mWwu23UXvp+QliJwDf21dXFzu37/v5uaGmq2trYGBgUFBQTdv3sQwLCgo6Ndff0WHvv32W6Yt9n8QA9j0p28Vtl3H7UnKirMpdv369UWLFrm4uPj5+a1evfrBgwf0MXT/01WiTEc+nXAU0spkMiUkJBBHlyxZ0tzczOExkUhks9m4vYphmEAgOHbs2NGjR7/77rsxB2MY5uTkNDw8zD2Grm1mZmZ1dTUfsROwlMx4zZk9jB1jLBaLTqfTarUNDQ0mk6mwsBDDME9Pz5aWFnRVmJ6eTm6uWLHCYrE0NDTcuHHjxo0bjY2N5eXlSFRKSkpGRkZnZ2d9fX1CQoJIJGKckfFmDKHMjX8gS2acMSUlRa1WowF1dXWjo6OXLl1CTbVanZyczGYv4xSlpaWDg4NNTU2XLl3SaDS1tbXE+JaWFr1ef/ToUbSBLBZLU1MT8lhnZ+fOnTvps5SXl6vVarVabTAYAgMD0VZjdDXdD25ubsnJye+8887PP/9M/pXHMCw1NVWj0Tx58oQ4ZeXKlYxup6wgh3U6na6+vl6n05lMpsjISLPZ3NTUdO3atfb2drJplFUj+5OnBLZtQ/cwo7Zsu4vnrhuvtgR3797Nz8+vqKhgFJiRkbF06VLiJ5XM9evXly5dmpGRwa0n21ah+IRiBd2TlBVnU6yxsTE7O7urq0uv1wcHB2/ZsoWuOaP/KSpRpuNwuEgkIv9p4uHhMTAwwDb+0aNHRUVFqampbAPIvPDCCyUlJZmZmYx/55F5/PhxcXFxVlYW9zC6tnPmzJHJZHzEjtdSOvzNmV1wX+agPODAwABqarXasLAw4hBjrgyd0tnZifrPnj0bFxeH43hvb69QKGTMGnd2doaEhKDPFotFLBb39vbSm2yS2fpNJpOrqyuaUaFQ5OXlrVu3Do338PAgcnF0e+micBz39fUlciMoKUyMJ7Sle6y+vp7wGBmpVNrY2MjT1XS3DAwMFBYWRkRECIXC8PDwkpISlIbGcTw+Pv7MmTP4PyvS1dXF5nbyCnJYRyTl6uvrBQLB4OAgoWF4eDijepTNwEcC9+KSPcyoLdvuYuynb12Uc+CvLYHRaAwLCzt9+jTdvYRnysrKJBLJmjVrDAYD6jQYDGvWrJFIJGVlZcgQjm8H21ah7DpyVoptD5OHMSpGobW11d/fn+4xuv8Zl4njHgzjGERbWxs5BYQk+/r6+vr6SiQSkUiUk5ODHEU+hNiyZQtFrM1mi4+PX79+Pc50h4MQKxAIli1bxqEVOpfcn5+fj04nf085xHJbOmaujNuc2QxDvoWCWCwmLsMDAwN7e3vHPEUkEs2bNw99joyM7OzsxDDM29s7LS0tPj4+KSkpMDAwLi7u9ddfJ8RqtVr0+fLlywqFgnhegtJklMzWHxAQEBERodVqo6KiTCZTcXFxRETEyMiIWq1+44030B8Ufn5+hNqPHj1iE/X48WOz2Uw8eTk6OkqkqsRiMeXpDrLHgoOD6R7r7+/v7e2NiYmh9HO4muIHlJfYvXv30NBQY2NjXl6ezWbbtWsXhmGpqal1dXWrVq2qq6tLTk6eO3cum9sJuK3z9PQkbPHw8HBxcSE0NJvNjOpRjOIjAWNfXIqHGbVl210cu44R/toi0tLSlErl2rVr2QS6ubmpVKqcnJzMzMyoqCj0iFFUVFRKSkpbWxsxF5ueHFuF45kiNk+OqRiGYb/99ltBQUFzc/Pw8PDo6ChKzJJh2y3cKrEhFAopiS/y9kO4urrqdDoMwwQCgVQqdXR0pB8imhT5jo6Ox44dk8vlK1eulMvljGIxDGtra1MqlQcPHty+fTtPbYuKipRKpdFoXLZsGR+xfCwdEw5zZi3js3CSnDp16ubNm3q93mQy5eXlLV68+NChQxiGOTo6BgQEoDEcibIJkJycrFar29raUlJSPD095XK5RqMhJ8rIG5QDq9UqEAhu3LhB7AmBYLKvFpG/KmPC5gdnZ+dFixZVVVWlp6ejGLNy5UqUPKmrq0N5GDa3E0zeukku07hg05bNTHp/fn7+lGjy8OHDpqamX375hXvYvXv3iouLNRpNaWkp6iktLa2oqMjNzS0tLZ0/fz7q5FimcW0V/tAVwzAsNTU1KyurtrZWJBLRf0AxFv+PeSeDDZRMe/r0KZFEGhgY8PDwII8RCARBQUGMp3McInj++efLysqys7MvXLjAdm5QUFBVVVVmZiaKMSj/MTIyQnjeYrG4urqStfX09PT09Ozu7qYENjax3JayzcjfnNkL92UOW1aB8RBjruzcuXPEpToZnU4XHBxM6bTZbL6+vm1tbYxNNskcM2q1WoVCsXz58gsXLuA4XlNTs23bNn9/f5PJxGYvmyixWExJWdCdwO0xMlKpVKfT8TyR4gccx8mPMOI4rtFoyBfs0dHRarXay8uLyLwRkN1OnpGPdRRbiCZdPfJm4CMB51xceo6FUVs2M+n9AwMDAoGAnM8kcmU8tUXYbDay1Yzk5OSIxeK8vDyz2UzuN5vNSqVSLBaTnxRi1H/MrULp4djD5GGMinV3dwuFQrIajJ6h+59xmfjkynDa01ZVVVXcT2pN7FBiYmJ8fDxHburatWvkL5FUKiU/lFxTU4OyXoGBgT/++CPRX1FRwZ1kI4vltpRtRj7mzGYmHmMsFotQKCQyuUQTbfG0tDSj0ajX6+VyeUlJCY7jzc3Ny5YtQ8+Vd3Z2ZmVlkf2LEqwajSY6OpropDTZJLP1I6RSqVQqRfKNRqOHh4dcLuewl01UTk5OfHw8+jOzvLyc/IQ+T4+Rs+1lZWUKhaKpqcloNG7ZskWj0XCcSPFDS0uLVCo9fPiwyWTq6+tDR8vKyogBxcXFMTExyL0cbievIB/r2H5zKeqRTxxvjGFcXPrvCF1bNjPZ+hUKRVZWVldXl8FgSEhImFiMwXm8lZKent7e3s52tL29PT09nUNPnMdWwWm/5mx7mLzibIpJpdKampq+vj6DwZCamopMHhgYEAqFLS0t6LYf3f+My0SerrOzUyQSMTqBeGvEbDafPn2a8f0YNu9xvB9Dv/khFosZ34+xWq3Nzc1LlizJzc0lxldXV0dERGg0GvQejEQiQQGAeD+mu7v7xIkTEolEq9WyqUQRy20p24x8zJnNTDzG4DheUlLi6up69OhRcrOyslIsFu/Zs0cqlXp5ea1fvx7dNR0eHi4pKYmIiHBycpJKpenp6V1dXZRZ8vPzd+7cScinNNGw8vJyimTUT58RsW7durS0NKIZFxdHlsloL30KHMetVqtSqQwODnZ1dU1OTkZ/wPKPMZR+m81WUFDg6+srEolSU1PNZjOHqyl+wHH8woULiYmJHh4erq6uMTExhw8fJh9FCUC0Lhxux0kryMc6tt9cunoTizGMi8j4E0PXls1Mtv7W1takpCSxWBwVFVVVVTWxGDOFN105lmnMrYLTYgzH14HynaWj0Wji4uJEIpG/v39eXh5hYGFhIXEi3f9skYC8wUQiEdvDBeiH28nJSS6Xo5QDo2kUUDSlcODAAbazamtrKX/TEEil0uzsbMp1//79+0NCQpycnKKjo8+ePUvWFvXHxsaSr0v4iOWwlGPGMc2ZzYwRYyYAx54Yk4iIiGvXrrE17THj/wt4+oEAPSVJecjHfoxXPUb+84s4bcxaT27bti0pKWmmtQCmm2m95z8md+/e5Wg+s4zXD5cvX05ISJi2WkawTAAfKioqeD5iA/yXsEvdZRzH33333T///JPneCgIP4X09/dXV1evWbNmphUBgH8xZ86cV155Zaa1AKYbu8QYBwcHJycnnk+IQkH4qYXIws+0IgAAADxiDL16toODA7nU2FdffbVgwQKiZpFMJnvy5IlSqSTquHAz+VcrZDKZXq8fs/b4lJeyn50MDQ19/fXXzs7OM63I+EDbZqa1+C8AngRmFWPHGPQQXktLi5eXF/q8devWPXv2EAPKy8t37txJeU1MIpFYLBY+GkzJ63symYz+DjaFvr6+srKySU4EAAAA8GfsGOPs7Ozs7Iwq9KHPKpXq7NmzHR0dGIZdvHjRYrGgmndCoTAiImJc0z98+NBgMCQmJk5Ed5qekxcCAAAATCETuR8TEBCQkZGBirnu2bOnsLAQXcSQS3ZzQC4qTi4Iz1jbnLEGPkdtc56FzTEeRdcBAACASTLBe/6FhYUnT5785ptv2tvbieLkY0IpZo79O1HGWNucsbA5xlnbnE9hc4yz6DoAAAAwNfB8j4b+SnNOTo5IJKqpqWEbT34RjF7MHP93QXi22ub0wub4Py/TMtY2b+dX2BznV9scAAAAmAwTf3Y5NzcXw7DMzEw+g6OiooaHh9va2lQqFfHfA8kF4Yna5h9++GFlZeVPP/2EsRc2xzgLifMpbI79U9u8tbV1eHg4KiqKjxUAAADAuJh4jPHw8BAKhTzvtJeWlmo0mtzc3Hv37hGdlCfKTp06deTIkZiYmOHh4by8vK1bt6J+OxU2xzDs3r17qMggubY5AAAAMFXY5R1MOiqVymAwSKVSuVy+efNmDMNGRkbq6uooTy2//PLLGzZsUKlUX3zxxblz5zw9PSUSyXhLAFit1vv376PPBoPhueeeYxy2efNmuVzu7+9vMBhUKtWEzAIAAAC4sFeMsdlslH/x5uPj8+mnn+r1evTejFar9ff3Dw0NRUfv3Lnz9ttv//DDDz09Pffv36+urkb/5U2pVGZnZ9++ffvBgwdbt269evUqn9nz8vIePHjw+++/l5SUpKSkoE5fX1+r1frHH3+gpsVi0ev1lZWVPj4+U2U1AAAAQMZeMUan0zFeQMhksuPHj2O0RFl4eHh8fHxOTg76R7NWq/XIkSMYhhUUFCQmJiYlJYWHhxuNRj43TsRicVxcXGxsbEJCQkxMTEFBAep3c3MrKiqSy+Xo2eXjx4/LZLIpMRYAAABgxAHH8SkXOjQ0FBkZWVRUtGnTJrYxCxYsOHbs2MKFC6d26o6OjujoaKilAQAAMBuwS21/Z2fnEydOvPrqqxxjoCA8AADAfx575cq4AwwAAADwLDBNz5UBAAAAzyB2uR8DAAAAABhcxwAAAAD2A2IMAAAAYC8gxgAAAAD2AmIMAAAAYC8gxgAAAAD2AmIMAAAAYC8gxgAAAAD2AmIMAAAAYC8gxgAAAAD2AmIMAAAAYC8gxgAAAAD2AmIMAAAAYC8gxgAAAAD2AmIMAAAAYC8gxgAAAAD24n9VWUHddssIggAAAABJRU5ErkJggg==) --- Research's Comment: ![](data:image/png;base64, iVBORw0KGgoAAAANSUhEUgAAAiEAAADDCAIAAADbZlZwAAAACXBIWXMAAA7EAAAOxAGVKw4bAAAgAElEQVR4nO3df1ATd/4/8BUwhBB+Q+SXFbCHjnqUUkrRQ9tTx1KOcWjVXkUKVB1rHVopYzn0bJvSG7WonYoex/Ssgw6n3o3HUcahnEdtJ3KMh0gjRkRUChEjhYCCEQMG8vljv93vdn9lE1gEfD7+yr5573tf7/e+kxfZJO+dZrVaCQAAAAk4Pe4AAABgykKOAQAAqSDHAACAVJBjAABAKsgxAAAgFeQYAACQCnIMAABIBTkGAACk4mCOGRwcXLt2rYeHx9hGAwAAU4kjOWZwcDAxMdFisYx5NAAAMJU4kmM6OzuXL1++b9++MY8GAACmkmkOr1fW3t6+YMGC+/fvj21AAAAwZeAzfwAAkApyDAAASMXFZo2AgADqcXd395jUBACAJ4HtHKPVakW2Jb4mAAA8CWznmJCQEJFtia8JAABPAnweAwAAUkGOAQAAqTj++xgAAABheB8DAABSQY75f8LDwy9dusS3+cSa4OMwwcMDAOQYgiCIy5cvj4yMPPPMM5ybT6wJPg4TPDwAIETmmIMHD86ePdvV1fXZZ5/95ptvpIumvb2d734BfX19u3fv5tscpYqKipUrVzI2BYIZK+NwiNEcnRqW+/fvb926ddasWW5ubnPmzPnss8+Gh4ftPdzYnjJ6eI93GAFAgO0cc/Dgwc8///zLL7/s6OjIzc1NS0s7d+7cOETGcO/evV27dvFtjhJnjhmrxicvahzWr1+v1+vPnDmj1+uLioqqqqoaGhrsbW1sTxmB0wQwGdj+DeaePXtKS0t/+9vfEgSxdu3arq6ugoKCxYsXSx/bOLlz505LS8tLL73E2DQYDI81rseMGoeHDx+Wl5cbjUYvLy+CIJYtW7Zs2bLHHR3zrAHAxGTjfUxfX5/BYEhISKBKlixZ0tTURPx8gWLv3r0zZszw8fHJyMh4+PAhWWdwcHDDhg0eHh6zZs36+OOPyesqZP39+/eHh4f7+PisW7eur6+P86AHDhwIDw/38/N78803yTp9fX1hYWEmk2natGlHjx5lbApEcuHChcWLF3t4eISEhKxaterq1avsw1VUVKxYsWL69Omcm5999hmjWb7Dvfrqq3v37iX3unTpkqurK9XBt99++4MPPuAbZPYhhMdw9+7dAQEBQUFBX331lchRHR4e3r59+4wZM9zd3desWdPT0yMw2oxxGBkZIQjCxYXj35E///nPL7/8MrX5xz/+MSMjg3PMGaeMs4P0vri7u//+97/v6en54IMPAgIC/Pz83nrrrQcPHvCdNYrIRvhOInuE+c4F39RilzMu5bW3t/v4+NgVLcDkZSPHmEwmuVxOfyZ7enr29/dTf62rq6uvr6+vr29oaCgoKCDL8/PzBwYGGhsbq6qqNBpNcXExVb+xsbG2traurk6v1+/YsYPziFqtlqxjMBjy8vIIgvDy8mpublYqlWazOS0tjbEpEElycnJmZqZer6+pqUlISJDL5ewjClwoM5lM9T+jN8t5uOTk5OrqarLC6dOnR0ZGqqqqyM3q6uqkpCS+EeY8hMAYNjc363S6kpISMveLGdWCgoLq6urq6uqWlpbg4GDyvwS+0WaMg7u7e1JS0htvvPHf//6X8ZKXkpKi0WioewhVVFS89tprnGPOPmWcHSTjqamp0Wq1BoNh7ty5RqOxsbHx/PnzbW1t9K4JXCgT2QjfnGGPMGeofFNLzJRzIFqAycoqqK2tTalU0ktaW1u9vb3JPxEEodfryfKysrLY2Fjysb+/v8lkIh9rtdq4uDiqfn9/P1leU1MTERHBPhy9Tm1tLVWHEQl9ky+S3t5eFxcXs9nMOIperw8LCyMfm0wmpVLZ29vL3uRrlq/cYDAoFArycHFxcTk5OampqWR9T0/PoaEhzuF1YAypaEWOqtVqValUDQ0N4kebMSz9/f15eXmRkZEuLi5PP/20Wq22WCzkn+Lj40+dOmX9+Yx0dnZyjrmVdQbZHSTjuXfvHtUXJyengYEBKrynn36aMzz2ZLDZiPDJpY8wZ6h8U4uznD11yWeQ+GgBJi8bn8e4uLhYLBZ6ycjICHXZRC6Xz5w5k3w8d+5cvV5PEMTdu3eNRmNYWBi7vlKppC4ahIaG9vb2so9IrxMcHMxZh40zEh8fn9WrV8fHxy9dujQ4ODg2NvbFF18km62trSUrnzlzJi4ujrp2wdjkbJavPCgoKDIysra2dt68eQaD4aOPPoqMjBweHq6url6+fDn5XpB9+wMHxpAKT+So9vX19fb2RkVFsceNb7QZ40BePtq9e/fg4GBDQ0NOTo7FYvn0008JgkhJSTl9+vSqVatOnz6dlJQ0Y8YMzjFn4OugUqkkP/Uh++Lp6enm5kaFZzQaOcNjd0pMI3wnlzHCnKHyTS2+cgEiowWYpGzkGPLixqNHj6jLZf39/Z6engK7mM1mJyen+vp66mXRyemx/QrnxIkTFy9e1Ol0BoMhJydn0aJFBw8edHZ2DgoKIiuM7TfKkpKSqqurW1tbk5OTvby8oqOjNRoN/UKZyNsfSDGGzs7O4ivzjYOrq+vChQsLCwvT0tLIHPPaa6+RF5ROnz6dmZlJ8Iw5ox3ODg4NDY0yPCnwnQu+brLLt23bNj6hAkxENt/pBAcHnz17ltosLCxMTk62sq42lJeXU9d5lEol55UZvisGYuqIv1ZGj4ROq9WGhobSSywWi7+/f2trK+cmX7MCh6utrY2Li1u5cmVlZaXVai0qKnrvvfcCAwMNBgM7HuGmxIyh8IjRqVQqrVYr3Bq1L2McrFYrdaWIpNFo6FfkFixYUF1d7e3tTV12o9DHnHE4dgeF+yIQHmMyiGlE4OQyRpgzVIFussv7+/udnJzo1zMFZjVntACTl+3/jvPy8tavX//tt9/29PT8/e9/V6vVubm51F9zcnJu37595coVtVqdnJxMFqalpW3ZsuXKlSt37tzZu3cv+Q/vKPn7+5vN5uvXr3NuckZy9erVV1555bvvvuvp6bl169ahQ4eio6PJyoODgwRB1NbWBgYGhoeHk4WMTYEO8pUvXLiwra3t/PnzS5cuJQhi5cqVJSUlgYGB1NsmThKNIdlHUnZ29qZNmy5fvnz79u13331X+BdOjHG4du1aRETEX//61zt37vT19Z07d27Lli0bN26k6r/22ms5OTkJCQkeHh4CY844ZQ53kPM0OYbv5DKwQ+XrJme5h4dHbGxsTk7OTz/9dP36dfoXKwCmPjGJqLCwMCIiQiaTRUdHk/+hW3/+F2zPnj0qlcrb2zs9PZ36rNJsNmdnZ4eGhioUiqSkJPJfzlG+j7FarWq1WqFQlJSUMDb5IhkaGlKr1ZGRkTKZTKVSpaWldXZ20o+ybdu2HTt2UO0zNslqBQUFjGYFOm61WlNTU1evXk1txsbG0tvk7C/7ECLHUGDEGOUWiyU3N9ff318ul6ekpBiNRoF9GeNgtVorKytfeuklT09PhUIRFRX15Zdf0v9KXgAkzwvfmLPPILuDIv+pZ4fn2PsYzpPI+T6GHSpfN/nKb9y4sXTpUqVSOW/evMLCQryPgSeHqBzDifPZ+Fg4HElkZOT58+f5Nsf8cJOFyHGgkF9wZ3wXSzr2hsdpyp9EgAnC9u/8p7Br164JbD6x7B2HM2fOJCQk8H3La8zhNAFMIlh3GUalr6/v0KFDr7/++uMOBAAmIuQYGBXq84zHHQgATES41zIAAEgF72MAAEAqyDEAACAV5BgAAJAKcgwAAEgFOQYAAKSCHAMAAFJBjgEAAKkgxwAAgFSQYwAAQCrIMQAAIBXkGAAAkApyDAAASAU5BgAApIIcAwAAUkGOAQAAqTiSY7q7u9etW+fn5xcSEvL+++8PDg6OeVgAADAFOJJj0tPT5XK5TqfTaDSNjY07d+4c87AAAGAKsPs+mA8ePPD39zcaje7u7gRBXLhwITU19fr169KEBwAAk5iLvTu4u7s/fPiQ2hwaGpLJZGMaEgAATBGj/cz/T3/6U3p6+piEAgAAU8yocswnn3xisVi2bds2VtEAAMBUYvtaWUBAAPW4u7ubevz1118fO3asrq7O2dlZuCYAADyZbOcYrVbLLrxy5crmzZurqqr8/PyEawIAwBPL7u+VEQRx9+7duLi4/Pz8tWvXShETAABMDXbnmOHh4cTExHnz5hUUFFCFrq6uYx0YAABMenbnmPb29rCwMHqJt7f33bt3xzIoAACYEhy5VgYAACAG1sQEAACpIMcAAIBUkGMAAEAqtnNMe3u7h4eH+Bb7+vp2797twI42j9ve3u7j40M9nkYzc+bM7du3P3r0yN7jdnd3T58+/dy5c3wxUEcUUy4FgZ5KetDRnDuJTITTAQB2Gfv3Mffu3du1a9eYN8umVCrNZrPZbB4YGKisrPz+++/z8/PtbeTkyZNKpfL48eNSRDhW6D2tqqrSaDQO9BQAYPxN7mtlrq6urq6ubm5uv/71r/ft23fq1Cl7Wzh+/PihQ4fKy8ulfmcwSlRP58+f71hPAQDGnx05hrx+sn///vDwcB8fn3Xr1vX19THq9PX1hYWFmUymadOm/fOf/yQI4sCBA+Hh4X5+fm+++Sa9/uDg4IYNGzw8PGbNmvXxxx8PDw+PsidyudxsNtu1y82bNzs6OtatWxcTE1NZWUkW3r59++WXX/bw8JgzZw79/Q1nOTkmu3fvDggICAoK+uqrrwR6d+HChcWLF3t4eISEhKxaterq1atkZb5yPjKZbGhoiNp34cKFbm5uAQEBa9asuX37tkBUbGTNvXv3zpgxw8fHJyMjg37jBgpfd9iH5uuOmNPN2aBdpwMAJhr73seYTKbGxsba2tq6ujq9Xr9jxw5GBS8vr+bmZvLazquvvmoymbRaLVnfYDDk5eVRNfPz8wcGBhobG8mLP8XFxaPpRl9fn1qtTkpKsmuv0tLS1NRUgiDS0tKo16msrCxPT8+mpqbKykr6ixdfuclkam5u1ul0JSUlCQkJAr1LTk7OzMzU6/U1NTUJCQlyuZyszFfO6e7dux999NHGjRvJzYaGhk2bNnV2dup0utDQ0KysLIGoOJlMprq6uvr6+vr6+oaGBvryDRTO7vAdmrM7Yk43Z4P2ng4AmFistrS1tSmVSvIBQRD9/f1keU1NTUREhPj6tbW19Pr+/v4mk4l8rNVq4+Li+Nqhl3h7e1OPCYLw/5lMJktNTSUbZO/IJzIyUqfTWa3WgYEBlUrV399vsVjkcrlerycrlJWVkUfkKyfD6O3tZbTM7l1vb6+Li4vZbGbU5Cun95rqqa+vr5OTU2JiImfNGzduBAYGCkTF1zi9X7GxsVbWGNo8WdSh+bpjswXOBu09HQAw0dh3H0ylUkl93Sg0NLS3t1d8/eDgYKr+3bt3jUYjtSbNyMiIi4vdd+RUKBTkSs/V1dV5eXmHDx92c3MTv/uFCxeUSuX8+fMJgnBzc0tMTCwrK1uxYgVBEDNnziTrzJ07l3zQ1dXFWU72kfGlJs7e+fj4rF69Oj4+funSpcHBwbGxsS+++CJBEHzlnD0lCKK1tTU7O/vAgQNbt24lCOKHH37Izc1tamoaGhoaGRkZGRnhi4qPXC6n90uv1zMq8J0szkNzdkfk6WY3yDfsAqcDACYUu1/Zx4TZbHZycqqvr6dea5ycmFftFAqF2WweHh6m7k9jMpkUCgVVwcnJKSQkhCCIjIyMffv2HT58+N133xUfQ2lpaVNTE3XPG7PZbDAYyBwzSny9O3HixMWLF3U6ncFgyMnJWbRo0cGDBwXK2T0lCCIkJKSwsHD9+vVkjklJSdm4cWNxcbFcLu/o6EhMTBx9/CK7w3dodnd27Nhh83SPT18AYLzZfKdDv/ZFv35Cv3LlQH2lUtnQ0CB8aJVKVVNTQ20WFRVRl4kYjZ88eTI0NJS8RCPmWpnFYgkMDKyrq+v4mV6v9/b27ujooF+EKS8v57w4Q5XzHctm77RabWhoqJhy9iHOnz9PXnXs6upycXGh7yscFRvjWll5eTnntTJ2d/gOzdcdmwPC2SDfsPOVA8BEM/Y5xmQyubi4tLS0CNffvHlzfHw8+d9uQUFBfn4+u6lDhw5FRkZqNBqj0Xjq1ClfX18q5bBfRufNm1dcXEz9yfxLFouFXrmqqmrevHmMw61evfrzzz9PSUlZvXp1R0eHTqeLjo6mYuYs53s1Z/euqakpMTHx7NmzRqNRr9dv3LgxOTnZarXylTPGn+pIU1PTkiVLtmzZQv5VpVIVFRXdu3evpaUlJSXFsRxD75darbZarf39/S4uLs3NzeS4cZ4szkPzdUfM6eZs0K7TAQATzdjnGKvVqlarFQrF/v37Beqbzebs7OzQ0FCFQpGUlNTa2srZ1Oeffx4WFiaTyRYsWFBWVsaOilJaWhoWFjY0NES+bjKQ6YeSnp6em5vLONaRI0diYmI6OjpWrFihVCojIyP37dtHxcxZzvdqzu7d0NCQWq2OjIyUyWQqlSotLa2zs9NqtfKV03tK74hKpdq0aRP1TQqNRhMbGyuXywMDA3Nycvii4ouTLN+zZ49KpfL29k5PTx8YGCD/lJeXp1AoSkpK+E4W56H5uiPmdHM2aNfpAICJBmv7PxHa29sXLFhw//59keUAAGNicv/OH8Rj3FkOAGAcIMeMvUuXLr3zzjuPO4pfUCqV5eXljzuKx+bRo0dr16796aefxFQODw+/dOmS1CEBPCGQY8ZeZmbmRHvT4OfnN3v27McdxWMzffp0mUy2bds2mzUvX748MjLyzDPPjENUAE8C2znm7t27b731VkBAQEhIyB/+8IdHjx5RC7+P/5rqItecp+4vIFH7Aofr6elpbGzMzs7mbO3gwYOzZ892dXV99tlnv/nmG8ahqQX8nZ2dw8PDP/30U3JdL8by/qQDBw6Qf3J2dmbcm0DkTRD4RoDa9+DBg+Hh4e7u7i+88MK3337LFy1ns3w9tXnLBuHusMdh2rRpHh4e9EXe/va3v82ZM+fHH3+kHyg7O7u6upqv15SKioqVK1farCZMilnq8C02HNh3rNj7+vD++++7ubkdPXqU0Yhj9/jg3BceA5vfCli5cmVqampHR0dzc3NCQkJeXh79m2bj/30egWVXKOK/vDsmO9L34ntstVoLCwvDwsKqq6u7urqOHz/u6+ur0WgYjVBr+JMLrpDf8RX4Njb5rbOIiAhqpRYra9EderM6nW7RokU7d+7k6y+1b2FhYUREBPkt5FOnTvn7+9N/qyTcrEBPxSwRJNAd8ojNzc3e3t7UUGRnZ6enp1P1o6KiSkpK2F+DFHNm4+Lizpw5Y7OaTVLMUjFtcjbu8NNhlOx6fTAajU5OTlqtlvEzA5sThj4PGxsb4+PjBaY3jD8bOWZgYCA0NJR6wtfV1T399NMdHR0xMTFWq7Wjo8PmwlOPxQTJMdRAkYKDg8+ePUttfvHFF/SfwrAPXVNTQ/6IRyCqtrY2hUIRExOzefNmeiHjSUjfpba2du7cuXx/pfZlRFtcXCwcLb1ZgZ7afMkQ7g5nicFgUCqVbW1tVqu1srIyIiLCYrEwBl/MmTUYDN7e3kNDQ8LVxoqkr4CTLscIf72er1nOZ43A9IbxZ+NamZub261bt9zd3cnNGzduBAcHh4SEXLx4kSCIkJCQ//3vf+Sf/v3vfws3RVXgW8p+eHh4+/btM2bMcHd3X7NmTU9PD3uNevqbX7516en3Fzh69ChfYHxL09OxV6Rnh8Q4HH13aqDIqAwGA30J5CVLljQ1NQmMmFwut1gswqNKEISTk9OxY8dKSkr+85//2KxM/PLWAHzY0a5fv/7QoUNimnWgp3T2docgiKCgoMzMTHLF6D179uTl5Tk7O9MHXwB9elRUVKxYsWL69OnkJudElWiWEraeQfQL1HbdYoOak5x32bB5zwXOCgIxiLnnwoMHD95+++2AgICZM2d+8sknw8PDPT09fE8iezlwjw+QlB2f+V+7dm3btm379u3j/GtmZuayZcs4n9UXLlxYtmxZZmYmucm3lH1BQUF1dXV1dXVLS0twcDD5qiS8Rj3nuvT0+wukpaXxBca3ND0d54r0jJAYh+MbPZPJJJfLqdcvgiA8PT37+/v56nd3d+/cuTMlJYWvAt38+fPVavX69evZLzcMjFsDiI92+vTps2bNEtOsvT1lE98dSl5e3vHjx7/++uu2tjZqpgljTEuC9WEM50SVaJYSgs8gdoPib7FBNs53lw2b91zgq8AXg5h7Lrz33nsGg6GhoaGqqqqioqKoqMjPz0/Mk8gmx+7xAdIS+X6no6MjIiLi5MmTfBVMJtOuXbt8fX1ff/31lpYWsrClpeX111/39fXdtWsXecFNYCl7lUrFWNKKvUY94woAwbUuPaMaZ2AM9FXxhde051w2X8x1CXZ5a2sr/UoCYw1/uVy+efNmagU2gnYjA39//6ysLEazFoslPj6e/FiC7yYI7FsD8F2IoJdv27aN3J1+awaBZoV7KvLSB1932LtQNm/eLJfLi4qKWGPPPC57WlqtVpPJpFQqqTPLN1ElmqVWWxOV/iEoYc8tNti70O+yYfOeC5wV+GIQc88Fi8WiVCqphR4qKiri4+PZo8HZEapEzD0+BNqE8SQ2x8THxxcWFtqs1tvbm5KSQi1u6OLikpKScu/ePXqdN954Izo6OicnZ9++fd9//z1ZeO/ePRcXFzEf99GfOXK5nPpTU1OTSqXi25ERmNVqbWhoWL58eXBwMPkqyV6FhbwTATV9fX19VSoV56wVk2PI1TbpJTdu3PD396c3olAoyAU6DQYDfSjofyJRr2iMl06FQlFeXs7+hIPaUaPRxMTEfPHFFwIjTK0NSpbcu3evo6Pj/PnzjIzI16xwT8VfXufsDnsXSmNjI3mdxMqF3jLntCwrK1u6dCm9hD1RpZ6lVq6JyqjM/i6D8NK0ArtwznBGMJwV+Bo0GAyMzrJjMxgMMpmM2mxpaeH8946zI+wu0+dhSUlJYGAgtRiSQJswnkRdK7tz505jY6PNlfNv3ryZlZWl0Wjy8/PJkvz8fI1Gs2XLlps3b1LVTpw4cfjw4aioqKGhoZycHHqz1DL+Y4sdGEEQKSkpS5Ys0Wg0Wq2WutEyHbWmvVar1Wq1jY2N1E1cHEBeB6B/u7e/v9/T05Neh1zDPyQkJCgoiDEU1J9InF8J/dWvfrVr165NmzYZjUa+fRcvXlxYWFhUVET+ibqBAlWZvIECPVovL6+QkBCZTEa/sYJAs8I95Tui+O7w8fT0dHFxcXV1tVmTc1qyv7XMN1ElmqUEz0SVjs0ZPrZPAcfYnDDUPMzIyPD39z98+PA4RwjCROUYlUql0+mE67zzzjvR0dGBgYEtLS3bt28nC7dv397S0qJSqaKjo+k/fX/uuecyMjK2b99+5MgR8vfnXl5evr6+9v6+2mw237p1i3zc0tLy1FNPiQysu7vbYDB8+OGHs2fPDgkJ4by9cVBQkEKh6O3tpV5Jg4KC7AqPzsvLKzg4uKamhiohvzbmcIOctm7dOm/ePM7Plijkf+Lk44CAAF9f3/Pnz1N/1Wg0UVFRZLS1tbVU+dmzZ6OiosQ0K9xTviM63B0HsKfl8PDw6dOn2b+MYUxU6WYpwTNRJWVzhtv7FFCpVARB0DvLWUcmk/3444/kZnNzs/APlu2aMDt37iwoKBgcHBRoEMabyPc7Nr+bn5aWRn55lFNbW1taWppVcCn7Xbt2xcXFNTY2dnR0kP/N2bwKQXCtS2+l3V9AIDDOleRtrmnP+e6bfji9Xs+4UkShfjViNBpPnjzJ+fsYvtET+H0M+8MPpVLJ+QMC9q0BrPw3UKB+H9PV1VVaWurr61tbW8sXEqNZ4Z7adcsGRneoauyLMMIXRm7cuMG5CzktNRrNggUL6H/im6gSzVKriGeQXdfK6I0L7GLzngucFQQaFHPPhY0bN65cuVKv1+t0upiYGPIivMDpc+weH1bBJw6MG1E5xq7vuQsTWMreYrHk5ub6+/vL5fKUlBSj0Wjz2cu3Lr315/sLkEvTc+JcSd5qa017vmcCdTiz2SyXy/m+XEC+cMtksujo6MrKSr6uMbRx3a2A/PCDc6/i4mLGh6IUxq0BSHw3UCBThUwmi4mJof/eRUyzAj0VOKLN7lDV7M0xp06dioqK4vvrtm3bduzYQS/hm6jjPEvZbYrMMfTGBXaxec8FzgoCDYq554LJZNq0aZO/v39oaKhareb7b4nOgXt8WHmeOIzbfIDUJvHa/hN2XfqtW7fqdDrG4ivwGA0ODs6dO3fnzp0bNmzgrDBnzpxjx4698MILY37oCTtLAcaHy+MOYArat2/f+H80CgJcXV1LS0t/85vf8FW4du3aeMYD8OTAustjb/r06c8///zjjgJ+QSDBAIB0kGMAAEAqk/jzGAAAmODwPgYAAKSCHAMAAFJBjgEAAKkgxwAAgFSQYwAAQCrIMQAAIBXkGAAAkApyDAAASAU5BgAApIIcAwAAUkGOAQAAqSDHAACAVJBjAABAKsgxAAAgFeQYAACQiiM55tq1a6+88oqXl9eMGTM2bNjQ19c35mEBAMAU4EiOSUpKCg0NbW5ubmhoMJvNmzdvHvOwAABgCrD7PpiDg4PFxcXr16/38PAgCOLy5ctJSUm3bt2SJjwAAJjERnWv5UePHu3cubOzs/Po0aNjGBMAAEwNjn/m/69//UuhUNTV1X355ZdjGBAAAEwZjueYxMTEs2fPGo3GkpKSsYsHAACmDtvXygICAqjH3d3djL9+8803O3fuvHjxos2aAADwpHGxWUOr1dI3Hz16pNVqn3/+eXIzIiLCYDBw1gQAgCec7RwTEhJC3xwZGVm0aFFXV5ePjw9BEC0tLU899RRnTQAAeMLZ/XmMq6trYmLili1bbt++fenSpby8vMzMTAkCAwCASc+Rz/yPHDlCEMSCBQuSk5NTU1PfeeedsY4KAACmglH9PjfCb2cAAAjLSURBVAYAAEAA1sQEAACpIMcAAIBUkGMAAEAqYnNMd3f39OnTz507Ry98//333dzcyMXK+vr6du/ePZpQ6C20t7eTa246tvtE097ePo3lwIEDAruM7XiOvr4DZ2SURjkfhDnc4ESeZgATkVWcwsJCb2/vzZs3UyVGo9HJyUmr1VosFqvV2tbWplQqRbbGid6CA62NPgDpkLGZf4kcN+FdRn/QMaxvNptHE4+9RjkfxDc+PjsCPJnEvo85fvz4oUOHysvLHz16RJaYTCaFQvHMM884OztLlgGnFNdfmnTj5urq+rhDAIBJRlSOuXnzZkdHx7p162JiYiorKwmC6OnpCQsLM5lM06ZNO3r0aF9fH32TIIjBwcENGzZ4eHjMmjXr448/Hh4eJq9O7N69OyAgICgo6KuvvqIfgt0CQRAHDhwIDw/38/N78803qbttXrhwYeHChW5ubgEBAWvWrLl9+zbf7gxkAHv37p0xY4aPj09GRsbDhw+pckZg7Pipoy9evNjDwyMkJGTVqlVXr17lKxSDPPT+/fvDw8N9fHzWrVtHdlPMePJFzjeeDx48ePvttwMCAmbOnPnJJ59QPeKsz26ZcXHpzp07v/vd7zw8PMLDw/fv308u+iBQLt184DtTFM4JwyByeMVMMwCgE5VjSktLU1NTCYJIS0s7fvw4QRB+fn7Nzc3k9Z+0tDQvLy/6JkEQ+fn5AwMDjY2NVVVVGo2muLiYIAiTydTc3KzT6UpKShISEuiHYLdgMpm0Wm1tbW1dXZ3BYMjLyyNrNjQ0bNq0qbOzU6fThYaGZmVlce7OyWQy1dXV1dfX19fXNzQ0FBQUUOWMwDjjJwgiOTk5MzNTr9fX1NQkJCTI5XK+QpFMJlNjYyPZTb1ev2PHDs7u8MXDN6TsFt577z2DwdDQ0FBVVVVRUVFUVGRz/PlOFkEQWVlZMpnsxo0b1dXVx44ds1ku3XzgGxkK54RhEDm8IqcZAPx/Yi6oRUZG6nQ6q9U6MDCgUqn6+/utrAvTjE1/f3+TyUQ+1mq1cXFxbW1tBEH09vbyHYVx/Z0gCPJAVqu1trY2IiKCvcuNGzcCAwM5A+BsnyAIvV5PbpaVlcXGxlLljMDY8Vut1t7eXhcXF8bHEpyFnIf2p8nKymJ3s6amhuqmzfHki5x+UKoFi8WiVCpbW1vJzYqKivj4eIH67JYZrcnlcqq1srIyb29vgXLO+MdqPnCODB9qwjg8vPg8BsAuttfEvHDhglKpnD9/PkEQbm5uiYmJZWVlGRkZArvcvXvXaDSGhYWRmyMjIy4uLgRBKJVK6uKJTUqlkro4Exwc3NvbSz7+4YcfcnNzm5qahoaGRkZGRkZGRDZIEIRcLp85cyb5eO7cuXq9njoWPTC++H18fFavXh0fH7906dLg4ODY2NgXX3yRs5B9aIVCQV+XWqFQsLsZGhpKdZOOLx525Hy6urqGhobCw8OpvpMvoAIEWu7q6hoZGaG3Jlwu3XwQGBmKzQkz+uEFAD62c0xpaWlTUxN1bxiz2WwwGIRzjNlsdnJyqq+vp56rTk5OQ0NDow+XIIiUlJSNGzcWFxfL5fKOjo7ExMQxaZaOM37ywYkTJy5evKjT6QwGQ05OzqJFiw4ePMhZyGjTycnJ4XWpBeKZFKSbD2JGxuaEmezDCzCR2cgxw8PD//jHPzQaTXBwMFkyMjISFRV1584dgb2CgoIUCkVvb++zzz5LFba3t48+3O7uboPB8OGHH5KbRqPRrt3NZvOtW7fItzL0uxIwcMZPee6555577jmCIJKSkpKTk8l0wlk4VoTjEUOlUslksh9//JF8k9Hc3Ez92+5Ya05OTu3t7bNmzSJbEy6Xbj7YHBkxE2b0wwsAfGz8v1ZdXe3r6/v888+H/GzmzJnLly8/efIko6a/v7/ZbL5+/Tq5mZaWtmXLlitXrty5c2fv3r2ffvqpzVAYLXAKCAjw9fX9y1/+0tfXd/36dbVabdfuBEHk5OTcvn37ypUrarU6OTmZrxpn/FevXn3llVe+++67np6eW7duHTp0KDo6mrOQs83BX2J/A0pgNEY5ns7Ozm+88UZ2dvatW7fIvpNf4hA4ogBnZ+fk5OTs7Oz29nayNeHy0ccvQLhlvgnj6+trNpuvXbtGngXx4YkfJQAgCFuf+aenp+fm5jIKjxw5EhMTw/7wU61WKxSKkpISq9VqNpuzs7NDQ0MVCkVSUlJra6uYD0upFthfKKA+PdZoNLGxsXK5PDAwMCcnhyoX2J1qRKlU7tmzR6VSeXt7p6enDwwMWHk+xWXHb7Vah4aG1Gp1ZGSkTCZTqVRpaWmdnZ2chexDs0f+iy++EOimzfHki5xzPK1Wq8lk2rRpk7+/f2hoqFqt5vwFqMAAMko6OzuTk5OVSmVYWNiePXuosPnKpZsPnCNDxzdh8vLyHBte+qgCgLCpubZ/e3v7ggUL7t+/b7MQRu/atWtLliz56aefRJYDwJNjyn62OZrPG8AuWq02IiJCfDkAPDlsf69sMlIqleXl5Y87iqns008/DQ4OXrlyZWtr644dOz766CPhcgB4Mk3Na2WccK1sDJ07dy47O1un0z311FNZWVlbt24VLgeAJ9MTlGMAAGCcTdnPYwAA4LFDjgEAAKkgxwAAgFSQYwAAQCrIMQAAIBXkGAAAkApyDAAASAU5BgAApIIcAwAAUkGOAQAAqSDHAACAVJBjAABAKsgxAAAgFeQYAACQCnIMAABIBTkGAACkghwDAABSQY4BAACpIMcAAIBUkGMAAEAqyDEAACAV5BgAAJAKcgwAAEgFOQYAAKSCHAMAAFJBjgEAAKkgxwAAgFSQYwAAQCrIMQAAIBXkGAAAkApyDAAASAU5BgAApIIcAwAAUkGOAQAAqSDHAACAVJBjAABAKsgxAAAgFeQYAACQCnIMAABIBTkGAACkghwDAABSQY4BAACpIMcAAIBUkGMAAEAqyDEAACAV5BgAAJAKcgwAAEgFOQYAAKTyf3ZzLXFQaOXFAAAAAElFTkSuQmCC) --- **Screenshot:** ![bpw-bern.ch vulnerability](/twimages/screen-1252021.jpg) **Mirror:** [Click here to view the mirror](<http://1252021.openbounty.org/mirror/>) ### Coordinated Disclosure Timeline Vulnerability Reported:| 6 August, 2020 09:44 GMT ---|--- Vulnerability Verified:| 7 August, 2020 08:49 GMT Website Operator Notified via Bug Bounty:| 7 August, 2020 08:49 GMT Public Report Published [without any technical details]:| 7 August, 2020 08:49 GMT ---|--- Vulnerability Fixed:| 30 August, 2020 00:04 GMT ---|---

{"id": "OBB:1252021", "type": "openbugbounty", "bulletinFamily": "bugbounty", "title": "bpw-bern.ch Cross Site Scripting vulnerability OBB-1252021 ", "description": " \n\n\nFollowing coordinated and responsible vulnerability disclosure guidelines of the **[ISO 29147](<https://www.iso.org/standard/45170.html>)** standard, Open Bug Bounty has: \n\n&nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; \n&nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence.\n\nAffected Website:| **[bpw-bern.ch](<https://bpw-bern.ch>) ** \n---|--- \nOpen Bug Bounty Program:| **View Open Bug Bounty Program** \nVulnerable Application:| Other \nVulnerability Type:| **[XSS (Cross Site Scripting)](<https://www.owasp.org/index.php/Cross-site_Scripting_\\(XSS\\)>)** / CWE-79 \nCVSSv3 Score:| 6.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N] \nDisclosure Standard:| Coordinated Disclosure based on **[ISO 29147](<https://www.iso.org/standard/45170.html>)** guidelines \nDiscovered and Reported by:| **metamorfosec ** \nRemediation Guide:| **[OWASP XSS Prevention Cheat Sheet](<https://github.com/OWASP/CheatSheetSeries/blob/master/cheatsheets/Cross_Site_Scripting_Prevention_Cheat_Sheet.md>)** \nExport Vulnerability Data:| Bugzilla Vulnerability Data \nJIRA Vulnerability Data [ Configuration ] \nMantis Vulnerability Data \nSplunk Vulnerability Data \nXML Vulnerability Data [ XSD ] \n \nVulnerable URL:\n\n![](data:image/png;base64, iVBORw0KGgoAAAANSUhEUgAAAiEAAAA3CAIAAABVZQ1/AAAACXBIWXMAAA7EAAAOxAGVKw4bAAATqElEQVR4nO2de1AT1/fAlxAhQHgFiLxsACkylKEppREttQx2WsswDipqa6kiMhQZHxmKlFiGMjiDimAVKcM4tmPVqn9YxzqMWpvaNtLUotKIKWKKDGCMFAMCpjRgYL9/3On+tvtieQT41fP5K/fu3XPPOfcmhz27e3DAcRwDAAAAADsgmGkFAAAAgP8sEGMAAAAAewExBgAAALAXEGMAAAAAewExBgAAALAXEGMAAAAAezF7Y0xoaOitW7fYms8ss9wPs1w9YAa5devW5s2bZ1oLYLqZpTHm9u3bo6OjL774ImPzmWWW+2GWqwfMLBkZGSEhITOtBTDdjBFjOjo63N3dGQ/19/fv3r2brTlJzp8/v3z5ckqTQ5mpYhqmmMzUhFuePHmyfft2mUzm4uKyYMGCvXv3joyMjHfGqV0ysnoz6MZp4/Hjxxs3bvTz8wsKCvroo4+ePn1KWN3R0eHt7T2dyvB0+IRXfGILSp6up6enqalJqVQySjt06ND8+fOdnZ1feumlixcvUqZ2+AdHR8fQ0NBdu3ah3U4+RHDw4EF0yNHR8erVqxRRxLpQzp03b55KpXr69CmbveRzDx06FBoa6ubmtnDhwu+//55NW7pYDku5ZxzTnFkNzkl7e7tYLOZziGPkBFAoFJcvX6Y0p3YKRqZhislMTbglLS0tNTW1paWlu7tbrVYnJiY2NDTYY8ZxQag3g26cNpYvX75u3Tqj0djS0pKQkFBYWEhY3d7e7uXlNc36WK3WMcdMeF0mdiL5LLbPOI5XVVWFhISo1eru7u6TJ09KJBKNRkMRYrVarVbr4OCgTqdTKBSlpaWUQwQ2mw0dwjAsLCzMYrGQRRHrQhGr1+sXL15cVFTEZi9xblVVVVhY2JUrV8xm85kzZ3x9fevr69m0pYjlsJRjRj7mzGZmY4wxmUxeXl7Dw8OU5jMeYwg/DA4OCoXCvr4+e884Lsir9p+PMYODg8HBwcQXvqGhITw83Gg0xsbG4jhuNBoVCsWMKsjMLIkxhKMQgYGBV65cIZoHDhxISUnhmLq+vj4qKopbq/b2dldX19jY2JycHHInJcaQT9FqtZGRkWxHiXMp2tbW1nJrSxbLYemYMYbbnNkMr/sxBw8eDA0N9fHxef/99/v7+zEM6+/vDwkJsVgsDg4OX375Jbm5f/9+d3f3ffv2zZ0719vbe8OGDX///TeSc/369ddee83d3T0oKGjVqlV37txhnO78+fNvvvnmnDlzGJt79+6lSEaXmfQZV6xYsW/fPnTWrVu3nJ2dkfIYhn3wwQc7duxgs5c+BYZhQ0NDmzZtcnd3l8lkn3zyCXG17u7uvnv3bj8/v4CAgM8//xz1VFZWhoaGent7v/fee8SkZEZGRlQq1dy5c93c3FavXt3T08PmarpbRkdHMQwTCoV0sZ999tlbb71FND/++OMNGzYwup2yghzWIVvc3NzWrl3b09OzY8cOPz8/Hx+fjRs3/vXXX2yrhuAvgW0R6R5mWwu23UXvp+QliJwDf21dXFzu37/v5uaGmq2trYGBgUFBQTdv3sQwLCgo6Ndff0WHvv32W6Yt9n8QA9j0p28Vtl3H7UnKirMpdv369UWLFrm4uPj5+a1evfrBgwf0MXT/01WiTEc+nXAU0spkMiUkJBBHlyxZ0tzczOExkUhks9m4vYphmEAgOHbs2NGjR7/77rsxB2MY5uTkNDw8zD2Grm1mZmZ1dTUfsROwlMx4zZk9jB1jLBaLTqfTarUNDQ0mk6mwsBDDME9Pz5aWFnRVmJ6eTm6uWLHCYrE0NDTcuHHjxo0bjY2N5eXlSFRKSkpGRkZnZ2d9fX1CQoJIJGKckfFmDKHMjX8gS2acMSUlRa1WowF1dXWjo6OXLl1CTbVanZyczGYv4xSlpaWDg4NNTU2XLl3SaDS1tbXE+JaWFr1ef/ToUbSBLBZLU1MT8lhnZ+fOnTvps5SXl6vVarVabTAYAgMD0VZjdDXdD25ubsnJye+8887PP/9M/pXHMCw1NVWj0Tx58oQ4ZeXKlYxup6wgh3U6na6+vl6n05lMpsjISLPZ3NTUdO3atfb2drJplFUj+5OnBLZtQ/cwo7Zsu4vnrhuvtgR3797Nz8+vqKhgFJiRkbF06VLiJ5XM9evXly5dmpGRwa0n21ah+IRiBd2TlBVnU6yxsTE7O7urq0uv1wcHB2/ZsoWuOaP/KSpRpuNwuEgkIv9p4uHhMTAwwDb+0aNHRUVFqampbAPIvPDCCyUlJZmZmYx/55F5/PhxcXFxVlYW9zC6tnPmzJHJZHzEjtdSOvzNmV1wX+agPODAwABqarXasLAw4hBjrgyd0tnZifrPnj0bFxeH43hvb69QKGTMGnd2doaEhKDPFotFLBb39vbSm2yS2fpNJpOrqyuaUaFQ5OXlrVu3Do338PAgcnF0e+micBz39fUlciMoKUyMJ7Sle6y+vp7wGBmpVNrY2MjT1XS3DAwMFBYWRkRECIXC8PDwkpISlIbGcTw+Pv7MmTP4PyvS1dXF5nbyCnJYRyTl6uvrBQLB4OAgoWF4eDijepTNwEcC9+KSPcyoLdvuYuynb12Uc+CvLYHRaAwLCzt9+jTdvYRnysrKJBLJmjVrDAYD6jQYDGvWrJFIJGVlZcgQjm8H21ah7DpyVoptD5OHMSpGobW11d/fn+4xuv8Zl4njHgzjGERbWxs5BYQk+/r6+vr6SiQSkUiUk5ODHEU+hNiyZQtFrM1mi4+PX79+Pc50h4MQKxAIli1bxqEVOpfcn5+fj04nf085xHJbOmaujNuc2QxDvoWCWCwmLsMDAwN7e3vHPEUkEs2bNw99joyM7OzsxDDM29s7LS0tPj4+KSkpMDAwLi7u9ddfJ8RqtVr0+fLlywqFgnhegtJklMzWHxAQEBERodVqo6KiTCZTcXFxRETEyMiIWq1+44030B8Ufn5+hNqPHj1iE/X48WOz2Uw8eTk6OkqkqsRiMeXpDrLHgoOD6R7r7+/v7e2NiYmh9HO4muIHlJfYvXv30NBQY2NjXl6ezWbbtWsXhmGpqal1dXWrVq2qq6tLTk6eO3cum9sJuK3z9PQkbPHw8HBxcSE0NJvNjOpRjOIjAWNfXIqHGbVl210cu44R/toi0tLSlErl2rVr2QS6ubmpVKqcnJzMzMyoqCj0iFFUVFRKSkpbWxsxF5ueHFuF45kiNk+OqRiGYb/99ltBQUFzc/Pw8PDo6ChKzJJh2y3cKrEhFAopiS/y9kO4urrqdDoMwwQCgVQqdXR0pB8imhT5jo6Ox44dk8vlK1eulMvljGIxDGtra1MqlQcPHty+fTtPbYuKipRKpdFoXLZsGR+xfCwdEw5zZi3js3CSnDp16ubNm3q93mQy5eXlLV68+NChQxiGOTo6BgQEoDEcibIJkJycrFar29raUlJSPD095XK5RqMhJ8rIG5QDq9UqEAhu3LhB7AmBYLKvFpG/KmPC5gdnZ+dFixZVVVWlp6ejGLNy5UqUPKmrq0N5GDa3E0zeukku07hg05bNTHp/fn7+lGjy8OHDpqamX375hXvYvXv3iouLNRpNaWkp6iktLa2oqMjNzS0tLZ0/fz7q5FimcW0V/tAVwzAsNTU1KyurtrZWJBLRf0AxFv+PeSeDDZRMe/r0KZFEGhgY8PDwII8RCARBQUGMp3McInj++efLysqys7MvXLjAdm5QUFBVVVVmZiaKMSj/MTIyQnjeYrG4urqStfX09PT09Ozu7qYENjax3JayzcjfnNkL92UOW1aB8RBjruzcuXPEpToZnU4XHBxM6bTZbL6+vm1tbYxNNskcM2q1WoVCsXz58gsXLuA4XlNTs23bNn9/f5PJxGYvmyixWExJWdCdwO0xMlKpVKfT8TyR4gccx8mPMOI4rtFoyBfs0dHRarXay8uLyLwRkN1OnpGPdRRbiCZdPfJm4CMB51xceo6FUVs2M+n9AwMDAoGAnM8kcmU8tUXYbDay1Yzk5OSIxeK8vDyz2UzuN5vNSqVSLBaTnxRi1H/MrULp4djD5GGMinV3dwuFQrIajJ6h+59xmfjkynDa01ZVVVXcT2pN7FBiYmJ8fDxHburatWvkL5FUKiU/lFxTU4OyXoGBgT/++CPRX1FRwZ1kI4vltpRtRj7mzGYmHmMsFotQKCQyuUQTbfG0tDSj0ajX6+VyeUlJCY7jzc3Ny5YtQ8+Vd3Z2ZmVlkf2LEqwajSY6OpropDTZJLP1I6RSqVQqRfKNRqOHh4dcLuewl01UTk5OfHw8+jOzvLyc/IQ+T4+Rs+1lZWUKhaKpqcloNG7ZskWj0XCcSPFDS0uLVCo9fPiwyWTq6+tDR8vKyogBxcXFMTExyL0cbievIB/r2H5zKeqRTxxvjGFcXPrvCF1bNjPZ+hUKRVZWVldXl8FgSEhImFiMwXm8lZKent7e3s52tL29PT09nUNPnMdWwWm/5mx7mLzibIpJpdKampq+vj6DwZCamopMHhgYEAqFLS0t6LYf3f+My0SerrOzUyQSMTqBeGvEbDafPn2a8f0YNu9xvB9Dv/khFosZ34+xWq3Nzc1LlizJzc0lxldXV0dERGg0GvQejEQiQQGAeD+mu7v7xIkTEolEq9WyqUQRy20p24x8zJnNTDzG4DheUlLi6up69OhRcrOyslIsFu/Zs0cqlXp5ea1fvx7dNR0eHi4pKYmIiHBycpJKpenp6V1dXZRZ8vPzd+7cScinNNGw8vJyimTUT58RsW7durS0NKIZFxdHlsloL30KHMetVqtSqQwODnZ1dU1OTkZ/wPKPMZR+m81WUFDg6+srEolSU1PNZjOHqyl+wHH8woULiYmJHh4erq6uMTExhw8fJh9FCUC0Lhxux0kryMc6tt9cunoTizGMi8j4E0PXls1Mtv7W1takpCSxWBwVFVVVVTWxGDOFN105lmnMrYLTYgzH14HynaWj0Wji4uJEIpG/v39eXh5hYGFhIXEi3f9skYC8wUQiEdvDBeiH28nJSS6Xo5QDo2kUUDSlcODAAbazamtrKX/TEEil0uzsbMp1//79+0NCQpycnKKjo8+ePUvWFvXHxsaSr0v4iOWwlGPGMc2ZzYwRYyYAx54Yk4iIiGvXrrE17THj/wt4+oEAPSVJecjHfoxXPUb+84s4bcxaT27bti0pKWmmtQCmm2m95z8md+/e5Wg+s4zXD5cvX05ISJi2WkawTAAfKioqeD5iA/yXsEvdZRzH33333T///JPneCgIP4X09/dXV1evWbNmphUBgH8xZ86cV155Zaa1AKYbu8QYBwcHJycnnk+IQkH4qYXIws+0IgAAADxiDL16toODA7nU2FdffbVgwQKiZpFMJnvy5IlSqSTquHAz+VcrZDKZXq8fs/b4lJeyn50MDQ19/fXXzs7OM63I+EDbZqa1+C8AngRmFWPHGPQQXktLi5eXF/q8devWPXv2EAPKy8t37txJeU1MIpFYLBY+GkzJ63symYz+DjaFvr6+srKySU4EAAAA8GfsGOPs7Ozs7Iwq9KHPKpXq7NmzHR0dGIZdvHjRYrGgmndCoTAiImJc0z98+NBgMCQmJk5Ed5qekxcCAAAATCETuR8TEBCQkZGBirnu2bOnsLAQXcSQS3ZzQC4qTi4Iz1jbnLEGPkdtc56FzTEeRdcBAACASTLBe/6FhYUnT5785ptv2tvbieLkY0IpZo79O1HGWNucsbA5xlnbnE9hc4yz6DoAAAAwNfB8j4b+SnNOTo5IJKqpqWEbT34RjF7MHP93QXi22ub0wub4Py/TMtY2b+dX2BznV9scAAAAmAwTf3Y5NzcXw7DMzEw+g6OiooaHh9va2lQqFfHfA8kF4Yna5h9++GFlZeVPP/2EsRc2xzgLifMpbI79U9u8tbV1eHg4KiqKjxUAAADAuJh4jPHw8BAKhTzvtJeWlmo0mtzc3Hv37hGdlCfKTp06deTIkZiYmOHh4by8vK1bt6J+OxU2xzDs3r17qMggubY5AAAAMFXY5R1MOiqVymAwSKVSuVy+efNmDMNGRkbq6uooTy2//PLLGzZsUKlUX3zxxblz5zw9PSUSyXhLAFit1vv376PPBoPhueeeYxy2efNmuVzu7+9vMBhUKtWEzAIAAAC4sFeMsdlslH/x5uPj8+mnn+r1evTejFar9ff3Dw0NRUfv3Lnz9ttv//DDDz09Pffv36+urkb/5U2pVGZnZ9++ffvBgwdbt269evUqn9nz8vIePHjw+++/l5SUpKSkoE5fX1+r1frHH3+gpsVi0ev1lZWVPj4+U2U1AAAAQMZeMUan0zFeQMhksuPHj2O0RFl4eHh8fHxOTg76R7NWq/XIkSMYhhUUFCQmJiYlJYWHhxuNRj43TsRicVxcXGxsbEJCQkxMTEFBAep3c3MrKiqSy+Xo2eXjx4/LZLIpMRYAAABgxAHH8SkXOjQ0FBkZWVRUtGnTJrYxCxYsOHbs2MKFC6d26o6OjujoaKilAQAAMBuwS21/Z2fnEydOvPrqqxxjoCA8AADAfx575cq4AwwAAADwLDBNz5UBAAAAzyB2uR8DAAAAABhcxwAAAAD2A2IMAAAAYC8gxgAAAAD2AmIMAAAAYC8gxgAAAAD2AmIMAAAAYC8gxgAAAAD2AmIMAAAAYC8gxgAAAAD2AmIMAAAAYC8gxgAAAAD2AmIMAAAAYC8gxgAAAAD2AmIMAAAAYC8gxgAAAAD24n9VWUHddssIggAAAABJRU5ErkJggg==) \n--- \n \nResearch's Comment:\n\n![](data:image/png;base64, iVBORw0KGgoAAAANSUhEUgAAAiEAAADDCAIAAADbZlZwAAAACXBIWXMAAA7EAAAOxAGVKw4bAAAgAElEQVR4nO3df1ATd/4/8BUwhBB+Q+SXFbCHjnqUUkrRQ9tTx1KOcWjVXkUKVB1rHVopYzn0bJvSG7WonYoex/Ssgw6n3o3HUcahnEdtJ3KMh0gjRkRUChEjhYCCEQMG8vljv93vdn9lE1gEfD7+yr5573tf7/e+kxfZJO+dZrVaCQAAAAk4Pe4AAABgykKOAQAAqSDHAACAVJBjAABAKsgxAAAgFeQYAACQCnIMAABIBTkGAACk4mCOGRwcXLt2rYeHx9hGAwAAU4kjOWZwcDAxMdFisYx5NAAAMJU4kmM6OzuXL1++b9++MY8GAACmkmkOr1fW3t6+YMGC+/fvj21AAAAwZeAzfwAAkApyDAAASMXFZo2AgADqcXd395jUBACAJ4HtHKPVakW2Jb4mAAA8CWznmJCQEJFtia8JAABPAnweAwAAUkGOAQAAqTj++xgAAABheB8DAABSQY75f8LDwy9dusS3+cSa4OMwwcMDAOQYgiCIy5cvj4yMPPPMM5ybT6wJPg4TPDwAIETmmIMHD86ePdvV1fXZZ5/95ptvpIumvb2d734BfX19u3fv5tscpYqKipUrVzI2BYIZK+NwiNEcnRqW+/fvb926ddasWW5ubnPmzPnss8+Gh4ftPdzYnjJ6eI93GAFAgO0cc/Dgwc8///zLL7/s6OjIzc1NS0s7d+7cOETGcO/evV27dvFtjhJnjhmrxicvahzWr1+v1+vPnDmj1+uLioqqqqoaGhrsbW1sTxmB0wQwGdj+DeaePXtKS0t/+9vfEgSxdu3arq6ugoKCxYsXSx/bOLlz505LS8tLL73E2DQYDI81rseMGoeHDx+Wl5cbjUYvLy+CIJYtW7Zs2bLHHR3zrAHAxGTjfUxfX5/BYEhISKBKlixZ0tTURPx8gWLv3r0zZszw8fHJyMh4+PAhWWdwcHDDhg0eHh6zZs36+OOPyesqZP39+/eHh4f7+PisW7eur6+P86AHDhwIDw/38/N78803yTp9fX1hYWEmk2natGlHjx5lbApEcuHChcWLF3t4eISEhKxaterq1avsw1VUVKxYsWL69Omcm5999hmjWb7Dvfrqq3v37iX3unTpkqurK9XBt99++4MPPuAbZPYhhMdw9+7dAQEBQUFBX331lchRHR4e3r59+4wZM9zd3desWdPT0yMw2oxxGBkZIQjCxYXj35E///nPL7/8MrX5xz/+MSMjg3PMGaeMs4P0vri7u//+97/v6en54IMPAgIC/Pz83nrrrQcPHvCdNYrIRvhOInuE+c4F39RilzMu5bW3t/v4+NgVLcDkZSPHmEwmuVxOfyZ7enr29/dTf62rq6uvr6+vr29oaCgoKCDL8/PzBwYGGhsbq6qqNBpNcXExVb+xsbG2traurk6v1+/YsYPziFqtlqxjMBjy8vIIgvDy8mpublYqlWazOS0tjbEpEElycnJmZqZer6+pqUlISJDL5ewjClwoM5lM9T+jN8t5uOTk5OrqarLC6dOnR0ZGqqqqyM3q6uqkpCS+EeY8hMAYNjc363S6kpISMveLGdWCgoLq6urq6uqWlpbg4GDyvwS+0WaMg7u7e1JS0htvvPHf//6X8ZKXkpKi0WioewhVVFS89tprnGPOPmWcHSTjqamp0Wq1BoNh7ty5RqOxsbHx/PnzbW1t9K4JXCgT2QjfnGGPMGeofFNLzJRzIFqAycoqqK2tTalU0ktaW1u9vb3JPxEEodfryfKysrLY2Fjysb+/v8lkIh9rtdq4uDiqfn9/P1leU1MTERHBPhy9Tm1tLVWHEQl9ky+S3t5eFxcXs9nMOIperw8LCyMfm0wmpVLZ29vL3uRrlq/cYDAoFArycHFxcTk5OampqWR9T0/PoaEhzuF1YAypaEWOqtVqValUDQ0N4kebMSz9/f15eXmRkZEuLi5PP/20Wq22WCzkn+Lj40+dOmX9+Yx0dnZyjrmVdQbZHSTjuXfvHtUXJyengYEBKrynn36aMzz2ZLDZiPDJpY8wZ6h8U4uznD11yWeQ+GgBJi8bn8e4uLhYLBZ6ycjICHXZRC6Xz5w5k3w8d+5cvV5PEMTdu3eNRmNYWBi7vlKppC4ahIaG9vb2so9IrxMcHMxZh40zEh8fn9WrV8fHxy9dujQ4ODg2NvbFF18km62trSUrnzlzJi4ujrp2wdjkbJavPCgoKDIysra2dt68eQaD4aOPPoqMjBweHq6url6+fDn5XpB9+wMHxpAKT+So9vX19fb2RkVFsceNb7QZ40BePtq9e/fg4GBDQ0NOTo7FYvn0008JgkhJSTl9+vSqVatOnz6dlJQ0Y8YMzjFn4OugUqkkP/Uh++Lp6enm5kaFZzQaOcNjd0pMI3wnlzHCnKHyTS2+cgEiowWYpGzkGPLixqNHj6jLZf39/Z6engK7mM1mJyen+vp66mXRyemx/QrnxIkTFy9e1Ol0BoMhJydn0aJFBw8edHZ2DgoKIiuM7TfKkpKSqqurW1tbk5OTvby8oqOjNRoN/UKZyNsfSDGGzs7O4ivzjYOrq+vChQsLCwvT0tLIHPPaa6+RF5ROnz6dmZlJ8Iw5ox3ODg4NDY0yPCnwnQu+brLLt23bNj6hAkxENt/pBAcHnz17ltosLCxMTk62sq42lJeXU9d5lEol55UZvisGYuqIv1ZGj4ROq9WGhobSSywWi7+/f2trK+cmX7MCh6utrY2Li1u5cmVlZaXVai0qKnrvvfcCAwMNBgM7HuGmxIyh8IjRqVQqrVYr3Bq1L2McrFYrdaWIpNFo6FfkFixYUF1d7e3tTV12o9DHnHE4dgeF+yIQHmMyiGlE4OQyRpgzVIFussv7+/udnJzo1zMFZjVntACTl+3/jvPy8tavX//tt9/29PT8/e9/V6vVubm51F9zcnJu37595coVtVqdnJxMFqalpW3ZsuXKlSt37tzZu3cv+Q/vKPn7+5vN5uvXr3NuckZy9erVV1555bvvvuvp6bl169ahQ4eio6PJyoODgwRB1NbWBgYGhoeHk4WMTYEO8pUvXLiwra3t/PnzS5cuJQhi5cqVJSUlgYGB1NsmThKNIdlHUnZ29qZNmy5fvnz79u13331X+BdOjHG4du1aRETEX//61zt37vT19Z07d27Lli0bN26k6r/22ms5OTkJCQkeHh4CY844ZQ53kPM0OYbv5DKwQ+XrJme5h4dHbGxsTk7OTz/9dP36dfoXKwCmPjGJqLCwMCIiQiaTRUdHk/+hW3/+F2zPnj0qlcrb2zs9PZ36rNJsNmdnZ4eGhioUiqSkJPJfzlG+j7FarWq1WqFQlJSUMDb5IhkaGlKr1ZGRkTKZTKVSpaWldXZ20o+ybdu2HTt2UO0zNslqBQUFjGYFOm61WlNTU1evXk1txsbG0tvk7C/7ECLHUGDEGOUWiyU3N9ff318ul6ekpBiNRoF9GeNgtVorKytfeuklT09PhUIRFRX15Zdf0v9KXgAkzwvfmLPPILuDIv+pZ4fn2PsYzpPI+T6GHSpfN/nKb9y4sXTpUqVSOW/evMLCQryPgSeHqBzDifPZ+Fg4HElkZOT58+f5Nsf8cJOFyHGgkF9wZ3wXSzr2hsdpyp9EgAnC9u/8p7Br164JbD6x7B2HM2fOJCQk8H3La8zhNAFMIlh3GUalr6/v0KFDr7/++uMOBAAmIuQYGBXq84zHHQgATES41zIAAEgF72MAAEAqyDEAACAV5BgAAJAKcgwAAEgFOQYAAKSCHAMAAFJBjgEAAKkgxwAAgFSQYwAAQCrIMQAAIBXkGAAAkApyDAAASAU5BgAApIIcAwAAUkGOAQAAqTiSY7q7u9etW+fn5xcSEvL+++8PDg6OeVgAADAFOJJj0tPT5XK5TqfTaDSNjY07d+4c87AAAGAKsPs+mA8ePPD39zcaje7u7gRBXLhwITU19fr169KEBwAAk5iLvTu4u7s/fPiQ2hwaGpLJZGMaEgAATBGj/cz/T3/6U3p6+piEAgAAU8yocswnn3xisVi2bds2VtEAAMBUYvtaWUBAAPW4u7ubevz1118fO3asrq7O2dlZuCYAADyZbOcYrVbLLrxy5crmzZurqqr8/PyEawIAwBPL7u+VEQRx9+7duLi4/Pz8tWvXShETAABMDXbnmOHh4cTExHnz5hUUFFCFrq6uYx0YAABMenbnmPb29rCwMHqJt7f33bt3xzIoAACYEhy5VgYAACAG1sQEAACpIMcAAIBUkGMAAEAqtnNMe3u7h4eH+Bb7+vp2797twI42j9ve3u7j40M9nkYzc+bM7du3P3r0yN7jdnd3T58+/dy5c3wxUEcUUy4FgZ5KetDRnDuJTITTAQB2Gfv3Mffu3du1a9eYN8umVCrNZrPZbB4YGKisrPz+++/z8/PtbeTkyZNKpfL48eNSRDhW6D2tqqrSaDQO9BQAYPxN7mtlrq6urq6ubm5uv/71r/ft23fq1Cl7Wzh+/PihQ4fKy8ulfmcwSlRP58+f71hPAQDGnx05hrx+sn///vDwcB8fn3Xr1vX19THq9PX1hYWFmUymadOm/fOf/yQI4sCBA+Hh4X5+fm+++Sa9/uDg4IYNGzw8PGbNmvXxxx8PDw+PsidyudxsNtu1y82bNzs6OtatWxcTE1NZWUkW3r59++WXX/bw8JgzZw79/Q1nOTkmu3fvDggICAoK+uqrrwR6d+HChcWLF3t4eISEhKxaterq1atkZb5yPjKZbGhoiNp34cKFbm5uAQEBa9asuX37tkBUbGTNvXv3zpgxw8fHJyMjg37jBgpfd9iH5uuOmNPN2aBdpwMAJhr73seYTKbGxsba2tq6ujq9Xr9jxw5GBS8vr+bmZvLazquvvmoymbRaLVnfYDDk5eVRNfPz8wcGBhobG8mLP8XFxaPpRl9fn1qtTkpKsmuv0tLS1NRUgiDS0tKo16msrCxPT8+mpqbKykr6ixdfuclkam5u1ul0JSUlCQkJAr1LTk7OzMzU6/U1NTUJCQlyuZyszFfO6e7dux999NHGjRvJzYaGhk2bNnV2dup0utDQ0KysLIGoOJlMprq6uvr6+vr6+oaGBvryDRTO7vAdmrM7Yk43Z4P2ng4AmFistrS1tSmVSvIBQRD9/f1keU1NTUREhPj6tbW19Pr+/v4mk4l8rNVq4+Li+Nqhl3h7e1OPCYLw/5lMJktNTSUbZO/IJzIyUqfTWa3WgYEBlUrV399vsVjkcrlerycrlJWVkUfkKyfD6O3tZbTM7l1vb6+Li4vZbGbU5Cun95rqqa+vr5OTU2JiImfNGzduBAYGCkTF1zi9X7GxsVbWGNo8WdSh+bpjswXOBu09HQAw0dh3H0ylUkl93Sg0NLS3t1d8/eDgYKr+3bt3jUYjtSbNyMiIi4vdd+RUKBTkSs/V1dV5eXmHDx92c3MTv/uFCxeUSuX8+fMJgnBzc0tMTCwrK1uxYgVBEDNnziTrzJ07l3zQ1dXFWU72kfGlJs7e+fj4rF69Oj4+funSpcHBwbGxsS+++CJBEHzlnD0lCKK1tTU7O/vAgQNbt24lCOKHH37Izc1tamoaGhoaGRkZGRnhi4qPXC6n90uv1zMq8J0szkNzdkfk6WY3yDfsAqcDACYUu1/Zx4TZbHZycqqvr6dea5ycmFftFAqF2WweHh6m7k9jMpkUCgVVwcnJKSQkhCCIjIyMffv2HT58+N133xUfQ2lpaVNTE3XPG7PZbDAYyBwzSny9O3HixMWLF3U6ncFgyMnJWbRo0cGDBwXK2T0lCCIkJKSwsHD9+vVkjklJSdm4cWNxcbFcLu/o6EhMTBx9/CK7w3dodnd27Nhh83SPT18AYLzZfKdDv/ZFv35Cv3LlQH2lUtnQ0CB8aJVKVVNTQ20WFRVRl4kYjZ88eTI0NJS8RCPmWpnFYgkMDKyrq+v4mV6v9/b27ujooF+EKS8v57w4Q5XzHctm77RabWhoqJhy9iHOnz9PXnXs6upycXGh7yscFRvjWll5eTnntTJ2d/gOzdcdmwPC2SDfsPOVA8BEM/Y5xmQyubi4tLS0CNffvHlzfHw8+d9uQUFBfn4+u6lDhw5FRkZqNBqj0Xjq1ClfX18q5bBfRufNm1dcXEz9yfxLFouFXrmqqmrevHmMw61evfrzzz9PSUlZvXp1R0eHTqeLjo6mYuYs53s1Z/euqakpMTHx7NmzRqNRr9dv3LgxOTnZarXylTPGn+pIU1PTkiVLtmzZQv5VpVIVFRXdu3evpaUlJSXFsRxD75darbZarf39/S4uLs3NzeS4cZ4szkPzdUfM6eZs0K7TAQATzdjnGKvVqlarFQrF/v37Beqbzebs7OzQ0FCFQpGUlNTa2srZ1Oeffx4WFiaTyRYsWFBWVsaOilJaWhoWFjY0NES+bjKQ6YeSnp6em5vLONaRI0diYmI6OjpWrFihVCojIyP37dtHxcxZzvdqzu7d0NCQWq2OjIyUyWQqlSotLa2zs9NqtfKV03tK74hKpdq0aRP1TQqNRhMbGyuXywMDA3Nycvii4ouTLN+zZ49KpfL29k5PTx8YGCD/lJeXp1AoSkpK+E4W56H5uiPmdHM2aNfpAICJBmv7PxHa29sXLFhw//59keUAAGNicv/OH8Rj3FkOAGAcIMeMvUuXLr3zzjuPO4pfUCqV5eXljzuKx+bRo0dr16796aefxFQODw+/dOmS1CEBPCGQY8ZeZmbmRHvT4OfnN3v27McdxWMzffp0mUy2bds2mzUvX748MjLyzDPPjENUAE8C2znm7t27b731VkBAQEhIyB/+8IdHjx5RC7+P/5rqItecp+4vIFH7Aofr6elpbGzMzs7mbO3gwYOzZ892dXV99tlnv/nmG8ahqQX8nZ2dw8PDP/30U3JdL8by/qQDBw6Qf3J2dmbcm0DkTRD4RoDa9+DBg+Hh4e7u7i+88MK3337LFy1ns3w9tXnLBuHusMdh2rRpHh4e9EXe/va3v82ZM+fHH3+kHyg7O7u6upqv15SKioqVK1farCZMilnq8C02HNh3rNj7+vD++++7ubkdPXqU0Yhj9/jg3BceA5vfCli5cmVqampHR0dzc3NCQkJeXh79m2bj/30egWVXKOK/vDsmO9L34ntstVoLCwvDwsKqq6u7urqOHz/u6+ur0WgYjVBr+JMLrpDf8RX4Njb5rbOIiAhqpRYra9EderM6nW7RokU7d+7k6y+1b2FhYUREBPkt5FOnTvn7+9N/qyTcrEBPxSwRJNAd8ojNzc3e3t7UUGRnZ6enp1P1o6KiSkpK2F+DFHNm4+Lizpw5Y7OaTVLMUjFtcjbu8NNhlOx6fTAajU5OTlqtlvEzA5sThj4PGxsb4+PjBaY3jD8bOWZgYCA0NJR6wtfV1T399NMdHR0xMTFWq7Wjo8PmwlOPxQTJMdRAkYKDg8+ePUttfvHFF/SfwrAPXVNTQ/6IRyCqtrY2hUIRExOzefNmeiHjSUjfpba2du7cuXx/pfZlRFtcXCwcLb1ZgZ7afMkQ7g5nicFgUCqVbW1tVqu1srIyIiLCYrEwBl/MmTUYDN7e3kNDQ8LVxoqkr4CTLscIf72er1nOZ43A9IbxZ+NamZub261bt9zd3cnNGzduBAcHh4SEXLx4kSCIkJCQ//3vf+Sf/v3vfws3RVXgW8p+eHh4+/btM2bMcHd3X7NmTU9PD3uNevqbX7516en3Fzh69ChfYHxL09OxV6Rnh8Q4HH13aqDIqAwGA30J5CVLljQ1NQmMmFwut1gswqNKEISTk9OxY8dKSkr+85//2KxM/PLWAHzY0a5fv/7QoUNimnWgp3T2docgiKCgoMzMTHLF6D179uTl5Tk7O9MHXwB9elRUVKxYsWL69OnkJudElWiWEraeQfQL1HbdYoOak5x32bB5zwXOCgIxiLnnwoMHD95+++2AgICZM2d+8sknw8PDPT09fE8iezlwjw+QlB2f+V+7dm3btm379u3j/GtmZuayZcs4n9UXLlxYtmxZZmYmucm3lH1BQUF1dXV1dXVLS0twcDD5qiS8Rj3nuvT0+wukpaXxBca3ND0d54r0jJAYh+MbPZPJJJfLqdcvgiA8PT37+/v56nd3d+/cuTMlJYWvAt38+fPVavX69evZLzcMjFsDiI92+vTps2bNEtOsvT1lE98dSl5e3vHjx7/++uu2tjZqpgljTEuC9WEM50SVaJYSgs8gdoPib7FBNs53lw2b91zgq8AXg5h7Lrz33nsGg6GhoaGqqqqioqKoqMjPz0/Mk8gmx+7xAdIS+X6no6MjIiLi5MmTfBVMJtOuXbt8fX1ff/31lpYWsrClpeX111/39fXdtWsXecFNYCl7lUrFWNKKvUY94woAwbUuPaMaZ2AM9FXxhde051w2X8x1CXZ5a2sr/UoCYw1/uVy+efNmagU2gnYjA39//6ysLEazFoslPj6e/FiC7yYI7FsD8F2IoJdv27aN3J1+awaBZoV7KvLSB1932LtQNm/eLJfLi4qKWGPPPC57WlqtVpPJpFQqqTPLN1ElmqVWWxOV/iEoYc8tNti70O+yYfOeC5wV+GIQc88Fi8WiVCqphR4qKiri4+PZo8HZEapEzD0+BNqE8SQ2x8THxxcWFtqs1tvbm5KSQi1u6OLikpKScu/ePXqdN954Izo6OicnZ9++fd9//z1ZeO/ePRcXFzEf99GfOXK5nPpTU1OTSqXi25ERmNVqbWhoWL58eXBwMPkqyV6FhbwTATV9fX19VSoV56wVk2PI1TbpJTdu3PD396c3olAoyAU6DQYDfSjofyJRr2iMl06FQlFeXs7+hIPaUaPRxMTEfPHFFwIjTK0NSpbcu3evo6Pj/PnzjIzI16xwT8VfXufsDnsXSmNjI3mdxMqF3jLntCwrK1u6dCm9hD1RpZ6lVq6JyqjM/i6D8NK0ArtwznBGMJwV+Bo0GAyMzrJjMxgMMpmM2mxpaeH8946zI+wu0+dhSUlJYGAgtRiSQJswnkRdK7tz505jY6PNlfNv3ryZlZWl0Wjy8/PJkvz8fI1Gs2XLlps3b1LVTpw4cfjw4aioqKGhoZycHHqz1DL+Y4sdGEEQKSkpS5Ys0Wg0Wq2WutEyHbWmvVar1Wq1jY2N1E1cHEBeB6B/u7e/v9/T05Neh1zDPyQkJCgoiDEU1J9InF8J/dWvfrVr165NmzYZjUa+fRcvXlxYWFhUVET+ibqBAlWZvIECPVovL6+QkBCZTEa/sYJAs8I95Tui+O7w8fT0dHFxcXV1tVmTc1qyv7XMN1ElmqUEz0SVjs0ZPrZPAcfYnDDUPMzIyPD39z98+PA4RwjCROUYlUql0+mE67zzzjvR0dGBgYEtLS3bt28nC7dv397S0qJSqaKjo+k/fX/uuecyMjK2b99+5MgR8vfnXl5evr6+9v6+2mw237p1i3zc0tLy1FNPiQysu7vbYDB8+OGHs2fPDgkJ4by9cVBQkEKh6O3tpV5Jg4KC7AqPzsvLKzg4uKamhiohvzbmcIOctm7dOm/ePM7Plijkf+Lk44CAAF9f3/Pnz1N/1Wg0UVFRZLS1tbVU+dmzZ6OiosQ0K9xTviM63B0HsKfl8PDw6dOn2b+MYUxU6WYpwTNRJWVzhtv7FFCpVARB0DvLWUcmk/3444/kZnNzs/APlu2aMDt37iwoKBgcHBRoEMabyPc7Nr+bn5aWRn55lFNbW1taWppVcCn7Xbt2xcXFNTY2dnR0kP/N2bwKQXCtS2+l3V9AIDDOleRtrmnP+e6bfji9Xs+4UkShfjViNBpPnjzJ+fsYvtET+H0M+8MPpVLJ+QMC9q0BrPw3UKB+H9PV1VVaWurr61tbW8sXEqNZ4Z7adcsGRneoauyLMMIXRm7cuMG5CzktNRrNggUL6H/im6gSzVKriGeQXdfK6I0L7GLzngucFQQaFHPPhY0bN65cuVKv1+t0upiYGPIivMDpc+weH1bBJw6MG1E5xq7vuQsTWMreYrHk5ub6+/vL5fKUlBSj0Wjz2cu3Lr315/sLkEvTc+JcSd5qa017vmcCdTiz2SyXy/m+XEC+cMtksujo6MrKSr6uMbRx3a2A/PCDc6/i4mLGh6IUxq0BSHw3UCBThUwmi4mJof/eRUyzAj0VOKLN7lDV7M0xp06dioqK4vvrtm3bduzYQS/hm6jjPEvZbYrMMfTGBXaxec8FzgoCDYq554LJZNq0aZO/v39oaKhareb7b4nOgXt8WHmeOIzbfIDUJvHa/hN2XfqtW7fqdDrG4ivwGA0ODs6dO3fnzp0bNmzgrDBnzpxjx4698MILY37oCTtLAcaHy+MOYArat2/f+H80CgJcXV1LS0t/85vf8FW4du3aeMYD8OTAustjb/r06c8///zjjgJ+QSDBAIB0kGMAAEAqk/jzGAAAmODwPgYAAKSCHAMAAFJBjgEAAKkgxwAAgFSQYwAAQCrIMQAAIBXkGAAAkApyDAAASAU5BgAApIIcAwAAUkGOAQAAqSDHAACAVJBjAABAKsgxAAAgFeQYAACQiiM55tq1a6+88oqXl9eMGTM2bNjQ19c35mEBAMAU4EiOSUpKCg0NbW5ubmhoMJvNmzdvHvOwAABgCrD7PpiDg4PFxcXr16/38PAgCOLy5ctJSUm3bt2SJjwAAJjERnWv5UePHu3cubOzs/Po0aNjGBMAAEwNjn/m/69//UuhUNTV1X355ZdjGBAAAEwZjueYxMTEs2fPGo3GkpKSsYsHAACmDtvXygICAqjH3d3djL9+8803O3fuvHjxos2aAADwpHGxWUOr1dI3Hz16pNVqn3/+eXIzIiLCYDBw1gQAgCec7RwTEhJC3xwZGVm0aFFXV5ePjw9BEC0tLU899RRnTQAAeMLZ/XmMq6trYmLili1bbt++fenSpby8vMzMTAkCAwCASc+Rz/yPHDlCEMSCBQuSk5NTU1PfeeedsY4KAACmglH9PjfCb2cAAAjLSURBVAYAAEAA1sQEAACpIMcAAIBUkGMAAEAqYnNMd3f39OnTz507Ry98//333dzcyMXK+vr6du/ePZpQ6C20t7eTa246tvtE097ePo3lwIEDAruM7XiOvr4DZ2SURjkfhDnc4ESeZgATkVWcwsJCb2/vzZs3UyVGo9HJyUmr1VosFqvV2tbWplQqRbbGid6CA62NPgDpkLGZf4kcN+FdRn/QMaxvNptHE4+9RjkfxDc+PjsCPJnEvo85fvz4oUOHysvLHz16RJaYTCaFQvHMM884OztLlgGnFNdfmnTj5urq+rhDAIBJRlSOuXnzZkdHx7p162JiYiorKwmC6OnpCQsLM5lM06ZNO3r0aF9fH32TIIjBwcENGzZ4eHjMmjXr448/Hh4eJq9O7N69OyAgICgo6KuvvqIfgt0CQRAHDhwIDw/38/N78803qbttXrhwYeHChW5ubgEBAWvWrLl9+zbf7gxkAHv37p0xY4aPj09GRsbDhw+pckZg7Pipoy9evNjDwyMkJGTVqlVXr17lKxSDPPT+/fvDw8N9fHzWrVtHdlPMePJFzjeeDx48ePvttwMCAmbOnPnJJ59QPeKsz26ZcXHpzp07v/vd7zw8PMLDw/fv308u+iBQLt184DtTFM4JwyByeMVMMwCgE5VjSktLU1NTCYJIS0s7fvw4QRB+fn7Nzc3k9Z+0tDQvLy/6JkEQ+fn5AwMDjY2NVVVVGo2muLiYIAiTydTc3KzT6UpKShISEuiHYLdgMpm0Wm1tbW1dXZ3BYMjLyyNrNjQ0bNq0qbOzU6fThYaGZmVlce7OyWQy1dXV1dfX19fXNzQ0FBQUUOWMwDjjJwgiOTk5MzNTr9fX1NQkJCTI5XK+QpFMJlNjYyPZTb1ev2PHDs7u8MXDN6TsFt577z2DwdDQ0FBVVVVRUVFUVGRz/PlOFkEQWVlZMpnsxo0b1dXVx44ds1ku3XzgGxkK54RhEDm8IqcZAPx/Yi6oRUZG6nQ6q9U6MDCgUqn6+/utrAvTjE1/f3+TyUQ+1mq1cXFxbW1tBEH09vbyHYVx/Z0gCPJAVqu1trY2IiKCvcuNGzcCAwM5A+BsnyAIvV5PbpaVlcXGxlLljMDY8Vut1t7eXhcXF8bHEpyFnIf2p8nKymJ3s6amhuqmzfHki5x+UKoFi8WiVCpbW1vJzYqKivj4eIH67JYZrcnlcqq1srIyb29vgXLO+MdqPnCODB9qwjg8vPg8BsAuttfEvHDhglKpnD9/PkEQbm5uiYmJZWVlGRkZArvcvXvXaDSGhYWRmyMjIy4uLgRBKJVK6uKJTUqlkro4Exwc3NvbSz7+4YcfcnNzm5qahoaGRkZGRkZGRDZIEIRcLp85cyb5eO7cuXq9njoWPTC++H18fFavXh0fH7906dLg4ODY2NgXX3yRs5B9aIVCQV+XWqFQsLsZGhpKdZOOLx525Hy6urqGhobCw8OpvpMvoAIEWu7q6hoZGaG3Jlwu3XwQGBmKzQkz+uEFAD62c0xpaWlTUxN1bxiz2WwwGIRzjNlsdnJyqq+vp56rTk5OQ0NDow+XIIiUlJSNGzcWFxfL5fKOjo7ExMQxaZaOM37ywYkTJy5evKjT6QwGQ05OzqJFiw4ePMhZyGjTycnJ4XWpBeKZFKSbD2JGxuaEmezDCzCR2cgxw8PD//jHPzQaTXBwMFkyMjISFRV1584dgb2CgoIUCkVvb++zzz5LFba3t48+3O7uboPB8OGHH5KbRqPRrt3NZvOtW7fItzL0uxIwcMZPee6555577jmCIJKSkpKTk8l0wlk4VoTjEUOlUslksh9//JF8k9Hc3Ez92+5Ya05OTu3t7bNmzSJbEy6Xbj7YHBkxE2b0wwsAfGz8v1ZdXe3r6/v888+H/GzmzJnLly8/efIko6a/v7/ZbL5+/Tq5mZaWtmXLlitXrty5c2fv3r2ffvqpzVAYLXAKCAjw9fX9y1/+0tfXd/36dbVabdfuBEHk5OTcvn37ypUrarU6OTmZrxpn/FevXn3llVe+++67np6eW7duHTp0KDo6mrOQs83BX2J/A0pgNEY5ns7Ozm+88UZ2dvatW7fIvpNf4hA4ogBnZ+fk5OTs7Oz29nayNeHy0ccvQLhlvgnj6+trNpuvXbtGngXx4YkfJQAgCFuf+aenp+fm5jIKjxw5EhMTw/7wU61WKxSKkpISq9VqNpuzs7NDQ0MVCkVSUlJra6uYD0upFthfKKA+PdZoNLGxsXK5PDAwMCcnhyoX2J1qRKlU7tmzR6VSeXt7p6enDwwMWHk+xWXHb7Vah4aG1Gp1ZGSkTCZTqVRpaWmdnZ2chexDs0f+iy++EOimzfHki5xzPK1Wq8lk2rRpk7+/f2hoqFqt5vwFqMAAMko6OzuTk5OVSmVYWNiePXuosPnKpZsPnCNDxzdh8vLyHBte+qgCgLCpubZ/e3v7ggUL7t+/b7MQRu/atWtLliz56aefRJYDwJNjyn62OZrPG8AuWq02IiJCfDkAPDlsf69sMlIqleXl5Y87iqns008/DQ4OXrlyZWtr644dOz766CPhcgB4Mk3Na2WccK1sDJ07dy47O1un0z311FNZWVlbt24VLgeAJ9MTlGMAAGCcTdnPYwAA4LFDjgEAAKkgxwAAgFSQYwAAQCrIMQAAIBXkGAAAkApyDAAASAU5BgAApIIcAwAAUkGOAQAAqSDHAACAVJBjAABAKsgxAAAgFeQYAACQCnIMAABIBTkGAACkghwDAABSQY4BAACpIMcAAIBUkGMAAEAqyDEAACAV5BgAAJAKcgwAAEgFOQYAAKSCHAMAAFJBjgEAAKkgxwAAgFSQYwAAQCrIMQAAIBXkGAAAkApyDAAASAU5BgAApIIcAwAAUkGOAQAAqSDHAACAVJBjAABAKsgxAAAgFeQYAACQCnIMAABIBTkGAACkghwDAABSQY4BAACpIMcAAIBUkGMAAEAqyDEAACAV5BgAAJAKcgwAAEgFOQYAAKTyf3ZzLXFQaOXFAAAAAElFTkSuQmCC) \n--- \n \n**Screenshot:** ![bpw-bern.ch vulnerability](/twimages/screen-1252021.jpg)\n\n**Mirror:** [Click here to view the mirror](<http://1252021.openbounty.org/mirror/>)\n\n### Coordinated Disclosure Timeline\n\nVulnerability Reported:| 6 August, 2020 09:44 GMT \n---|--- \nVulnerability Verified:| 7 August, 2020 08:49 GMT \nWebsite Operator Notified via Bug Bounty:| 7 August, 2020 08:49 GMT \nPublic Report Published \n[without any technical details]:| 7 August, 2020 08:49 GMT \n---|--- \nVulnerability Fixed:| 30 August, 2020 00:04 GMT \n---|---\n", "published": "2020-08-06T09:44:00", "modified": "2020-09-05T09:44:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "https://www.openbugbounty.org/reports/1252021/", "reporter": "metamorfosec", "references": [], "cvelist": [], "lastseen": "2020-10-03T04:03:32", "viewCount": 1, "enchantments": {"dependencies": {}, "score": {"value": 0.7, "vector": "NONE"}, "backreferences": {}, "exploitation": null, "vulnersScore": 0.7}, "openbugbounty": {"patchStatus": "patched", "mirror": "http://1252021.openbounty.org/mirror/"}, "immutableFields": [], "cvss2": {}, "cvss3": {}, "_state": {"dependencies": 1645568049}}