logo
DATABASE RESOURCES PRICING ABOUT US

wip-go.ch Cross Site Scripting vulnerability

Description

Open Bug Bounty ID: OBB-995401 Following coordinated and responsible vulnerability disclosure guidelines of the **[ISO 29147](<https://www.iso.org/standard/45170.html>)** standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence. Affected Website:| **[wip-go.ch](<https://www.wip-go.ch>) ** ---|--- Open Bug Bounty Program:| **Create your bounty program now**. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| **[XSS (Cross Site Scripting)](<https://www.owasp.org/index.php/Cross-site_Scripting_\(XSS\)>)** / CWE-79 CVSSv3 Score:| 6.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N] Disclosure Standard:| Coordinated Disclosure based on **[ISO 29147](<https://www.iso.org/standard/45170.html>)** guidelines Discovered and Reported by:| **MrRain_1996 ** Remediation Guide:| **[OWASP XSS Prevention Cheat Sheet](<https://github.com/OWASP/CheatSheetSeries/blob/master/cheatsheets/Cross_Site_Scripting_Prevention_Cheat_Sheet.md>)** Export Vulnerability Data:| Bugzilla Vulnerability Data JIRA Vulnerability Data [ Configuration ] Mantis Vulnerability Data Splunk Vulnerability Data XML Vulnerability Data [ XSD ] Vulnerable URL: ![](data:image/png;base64, iVBORw0KGgoAAAANSUhEUgAAAiEAAAAjCAIAAADNIk3yAAAACXBIWXMAAA7EAAAOxAGVKw4bAAAObElEQVR4nO2ca0xTVxzAr1DKtdzyKKXy6EKLju3DosQwpptLdBJHGCF1IiJ2yDYibCGEETSOGcfQIcFiHBjCB1zcQtyybKQhxrCkI6ZhhAGS0nWMNYyUphYGhRRzwYLVsw8n3lzvq+VRQTy/Tz3n/u85/9c5/55DwxYAAIZAIBAIRAAIWm8FEAgEArFpQTUGgUAgEIEC1RgEAoFABApUYxAIBAIRKFCNQSAQCESgQDUGgUAgEIFi49YYtVo9NDTE10T4iT9+Q759HhkaGvrkk09W8OLDhw+PHz/+33//+SmP0gOxGjZojfnzzz8fP368a9cuzibCT/zxG/Ltc0phYaFKpVrBiyEhIWKxuLKy0h9hlB6IVeKjxoyPj0ulUs5Hc3Nzly5d4muuko6OjuzsbL7muiPglg2lBuU3SnJ8fDwqKopTJnA0NTWp1eqwsLA33njjt99+W/2AgfA/2zMbEGqVzczMmM3m8vJy+tPFxcXjx4/TPTM9PX3ixIno6OiEhITPPvtscXER9peXlxsMBn9mZKcQBd1j9Kf0z1u44JxofHycEggODlar1RcuXHj06BH2dPb6E/c12Yv83/oQwqz8HON2u2tra/maq2SD15jExESXy7XeWvjGH78F2rdNTU1Xr1799ttv7Xb7mTNn8vLyfv/998BNt7mhVhlJkhKJJDQ0lHq0uLiYkZHh9Xrp8gUFBTiOWywWo9FoNpvPnTsH+2UyGUmS/sy4yvTweDwej2dkZCQyMtLzBD5hgiCgAEmSer3+1q1b0NjlLre13Yue/fibjI14VzYxMWG1Wvfv38/Z3CDQl/fGhO43kUiUnJxM/8CWCRB1dXWtra0HDhyIjo4+cuTIxYsX6+rqAjfdC8vk5GR6erpOp6N65ufn79y509jYGBcXt3379rq6Or1ev6wxV58eoaGhoaGhOI5Tn4UXDhTYunXrrl27rly58uOPP1L9K9YBsb74VWO++eYbtVodHR39wQcfzM3NYRg2NzenUqlIktyyZct3331Hb165ckUqlV6+fHnbtm1RUVEnT5588OABHKe/v//tt9+WSqUJCQlHjhz5+++/Oafr6Og4dOhQSEgIo3n48OHLly/DzqGhodDQUKgMhmHFxcWnT58WFnj55ZeFX6frIDxUcXEx42aA0142ExMT7733nlQqVavVDQ0N1FXD/Px8cXFxTEzMSy+99NVXX8ErAgaPHj36/PPPt23bFhYWdvTo0ZmZGb7osN2YkJBw9+5d+OGPP/7glPn111/51IZQApxxPHbs2Ndff00J7927FyaG0+nct28f1f/RRx9du3aNMTKn+dCxDQ0NarU6KirqxIkTdOv44PNkf3//3r17t27dGhMTc/To0Xv37mEYdu/evXfffVcqlb7yyis3b94UHpkv0LD/0qVLMTExcXFx169f51SDbk5YWNixY8dmZmZOnz4dExMTHR394Ycfzs/PC09EX2W//PILQ73ExMQvvviC3hMWFvbgwYOwsDDYXFpaEovFbLsE4s5Yic8YHMfhsYzv2oozpoytCcOwxcXFjz/+WCqVJiYmfvnll/SU8Lkd+dz6/A/rC4vvGkOSpMlk6unp6evrczqdZ8+exTAsIiJiZGQEnm21Wi29efjwYZIk+/r6BgYGBgYGBgcH6+vr4VBZWVmFhYV2u727u3vfvn3w2w0bvouyrKws6hL51q1bjx8/7uzshE2DwZCZmSksoNFohF+n6yA81IEDBxgu4rSXTWlpqVgsHh0dNRgM33//PdVfVlbmdDoHBwc7Ozs7Ojqam5vZ79bX1xsMBoPBYLVa4+Pjh4eHMZ7ocLqRE7pMYWHhwYMHYSli0N/ff/DgwcLCQso57Djm5uZSX5MnJiZMJpNGoyFJEsdx+iYVEhKSmJjIGJ/PfJIkzWYztM5ut1dVVQmbIzDU4ODgqVOnJicnLRaLUqksLS3FMKy0tDQ8PHx4ePj27dv0GhPDgtKHM9AkSY6MjFgslhs3bsCCyqkGDFZ3d7fJZHI6na+++qrL5TKbzb29vTabjW4d50SMVebTFQwuXrxYUFDA7heI+zreUU9PT587d06j0QjIcMaUsTVhGFZTU7OwsGA2mzs7O41GY0tLC3zd53bkz9aHLSesLyhAEJvNhmHY/fv3YbOnpycpKYl6RBAEXRI24St2ux32t7e3p6amAgBmZ2dFIpHH42HPYrfbVSoV/EySJEEQs7Oz7KbT6ZRIJHCEtLS0ioqK/Px8OGN4ePjS0pKwgN1uF36drpLwUKOjo5TtfPay8Xq9OI6PjY1RkpGRkbCfIAiqv6OjY8+ePezXFQrF4OCgn9FhuJETtqtra2tlMllubq7VaoWdVqs1NzdXJpPV1taSJAn447iwsACdDABobm7Ozs4GTydJZWWlXC6Xy+WUkpRbOM1nWNfd3c2Xez6HYjA6OhobGwvDQQ8cDAcAwMEC8Aca9tNdzakGFHO73ZQ5QUFBCwsLsNnT07Njxw7KOr6Moq8yTg/w9VdXV6enp3u9XrYYZ9wBKz2gVnIaMpmM8hh9QLYONpuNkuSDPr5MJsNxvKSkBKaZT6vBk5hyKiCXy2HqAgBMJlNaWhoQ3I7o+vjc+vwP6wuL7xrDKCScWQWezgMcx6n+4eFhhUIBP+fl5aWkpFRUVOh0ujt37lAyXq/X6XTCz+3t7e+88w71iNFMSUnp6uqanJxUKpVut1uhUHi93tbW1vfff98fAZ+v0xEQZiQZn730BQkAcDqdYrGYLgmdyei3Wq3UaqFwu90ikYjaI/hCQEWH4TdOOGVmZ2c1Go1IJIJNkUik0WioJQThi2NeXl5jYyMAID09va2tDQDgcDgo57jdbofD0dvby9hu+Mz3P/d8DgUAGBwcTE9Pj4+PpzZHp9PJCJzwPsgXaLYynGoImMO2ji+jVlZj9Hp9UlKSy+USEGPEHbDSw2azSSQSet2lh3K5NYaxNBjjO51OeqrzWc2OKVuB2dlZemmUyWQ+tyNOK/jSz/+wvrCIntFxCcMwDPvhhx/u3r1rsVicTmdFRcWbb77Z1NSEYVhwcHBcXByUEf5FWWZmpsFgGBsby8rKioiISElJMRqN9JsuYQGfr9NZljAnJpNpRX7iJTg42E/Jlf2i7N9//z1//rzRaKypqYE9NTU1Op3u008/ramp2b59O+zki2Nubu61a9e0Wm1fX197ezv25JdCDx8+DAkJiYiIiIiImJqakkgky7J6TdBoNEVFRS0tLTiOOxyOjIwMAWHqcoxieno6kNoFkL/++qukpKSzszM6OppPhh13jCs9goKCEhISqCbjN2zLgnNpMMb3iT8x9Xg8QUFBAwMDIpGImgV+4EtjxBojXIJWdo7BaCd9vV7PeXdkMpmUSiWj0+v1yuVy6pKB0QQA9PT0pKWlZWdn3759GwDQ3NxcVlYWGxtLHYOEBXy+TkdAmH1Y9mkveHJXZrPZYHMFd2Umk4newxcdtt84lWHIlJSUEARRUVFB/8ILAHC5XOXl5QRBlJSUsMehx9Hj8chksqtXr9LPhfHx8fQviTqdLiMjg6EJ313Zcs8xfENNTU3Rv6GbTKbIyEjGXZler1/WXRkVaLYyfHdl/p9j+DJqueeY2dnZHTt23Lx5U0CMM+7s9BA+nazJXRnfPRin1Zwx5RyKIAjGJTMb9naEzjFrxcprDEmSIpGIusClmnCF5OTkOBwOi8WSkpJSXV0NABgeHs7IyOjq6nK5XHa7vaioKCsrixoZXowajcbXXnuN6mQ0IQqFQqFQQHmHwxEeHp6SkuK/gPBTxv0snzC7xrDt5SQnJ0ej0dhsNovFsnPnTsqZRUVF2dnZdrvdYrHs3r0b3jgx9KmtrU1LSzObzQ6Ho7S01Gg08kWH028M2DJarZaqf2xsNptWqwW+4pifnx8eHv7TTz9RPY2NjUlJSV1dXVNTU21tbTKZrKenhzE4p/k+F7nnaeDtCp8nFQpFc3Oz2+22Wq0ajQYOpdFo6IHzeVfGGWjOzZGtxnJrDGdGUavMbrfT79Po41CzeL3e9PT0srIyupfgo9HRUWo6zriz02Mj1Jj79++LRKKRkREYa86YAtbWVFJSsmfPHnheqa+vr6mpAfxpTLnIz60P1RifrLzGAACqq6slEsmNGzfozYaGBoIg6urqFApFZGRkQUEB/AvY0tJSdXV1cnKyWCxWKBRarXZycpIxS2VlZVVVFTU+ownJz8/PycmhmqmpqQwZYQGBp+ws5xNmryi2vZxMTk5mZWURBKFSqerq6uhZe+rUKblcrlQqq6ur4RJi6OP1es+cOSOXy3Ec12g0LpeLLzqcfmPgjwwnAnEEAOj1eoIgGB5obGxUqVRisXj37t1dXV3sMf0xn70LM2hpaeEbCgBgNBpTU1NxHI+Nja2oqIBDORyOQ4cOEQSRnJys0+l81hjOQHNujmw1llVjBDIKrrLW1lYcx+l/oqe/y+claoqff/55586dAsay02Mj1BgAwNmzZ6k9hzOmEPrW5PF4ysvLlUqlRCLJzMyEhzPONPb/gEKNj2qMT3zUmBUgkCs+SU5O7u3t5WtuTFZs78jICPXnx7XFH789F77dUKwmsQMxUVlZmc+fdXDi8XhUKlVra6uADEoPxFrxTP/m75N//vlHoLnJMJlMSUlJgRjZH79tbt++COh0upX9qCQ0NLStre2tt94SkEHpgVgrNlaN2fRcuHAhPj4+Ozt7bGysqqrq/Pnz660R4nklJCTk9ddfX9m7wgUGgVhDNuL/K9vE7N+/v7m5WalUarXasrKykydPrrdGCAQCEUC2AADWWwcEAoFAbE7QOQaBQCAQgQLVGAQCgUAEClRjEAgEAhEoUI1BIBAIRKBANQaBQCAQgQLVGAQCgUAEClRjEAgEAhEoUI1BIBAIRKBANQaBQCAQgQLVGAQCgUAEiv8BmE9Wfy/aIlwAAAAASUVORK5CYII=) --- HTTP POST data: ![](data:image/png;base64, iVBORw0KGgoAAAANSUhEUgAAAiEAAAAjCAIAAADNIk3yAAAACXBIWXMAAA7EAAAOxAGVKw4bAAAObElEQVR4nO2ca0xTVxzAr1DKtdzyKKXy6EKLju3DosQwpptLdBJHGCF1IiJ2yDYibCGEETSOGcfQIcFiHBjCB1zcQtyybKQhxrCkI6ZhhAGS0nWMNYyUphYGhRRzwYLVsw8n3lzvq+VRQTy/Tz3n/u85/9c5/55DwxYAAIZAIBAIRAAIWm8FEAgEArFpQTUGgUAgEIEC1RgEAoFABApUYxAIBAIRKFCNQSAQCESgQDUGgUAgEIFi49YYtVo9NDTE10T4iT9+Q759HhkaGvrkk09W8OLDhw+PHz/+33//+SmP0gOxGjZojfnzzz8fP368a9cuzibCT/zxG/Ltc0phYaFKpVrBiyEhIWKxuLKy0h9hlB6IVeKjxoyPj0ulUs5Hc3Nzly5d4muuko6OjuzsbL7muiPglg2lBuU3SnJ8fDwqKopTJnA0NTWp1eqwsLA33njjt99+W/2AgfA/2zMbEGqVzczMmM3m8vJy+tPFxcXjx4/TPTM9PX3ixIno6OiEhITPPvtscXER9peXlxsMBn9mZKcQBd1j9Kf0z1u44JxofHycEggODlar1RcuXHj06BH2dPb6E/c12Yv83/oQwqz8HON2u2tra/maq2SD15jExESXy7XeWvjGH78F2rdNTU1Xr1799ttv7Xb7mTNn8vLyfv/998BNt7mhVhlJkhKJJDQ0lHq0uLiYkZHh9Xrp8gUFBTiOWywWo9FoNpvPnTsH+2UyGUmS/sy4yvTweDwej2dkZCQyMtLzBD5hgiCgAEmSer3+1q1b0NjlLre13Yue/fibjI14VzYxMWG1Wvfv38/Z3CDQl/fGhO43kUiUnJxM/8CWCRB1dXWtra0HDhyIjo4+cuTIxYsX6+rqAjfdC8vk5GR6erpOp6N65ufn79y509jYGBcXt3379rq6Or1ev6wxV58eoaGhoaGhOI5Tn4UXDhTYunXrrl27rly58uOPP1L9K9YBsb74VWO++eYbtVodHR39wQcfzM3NYRg2NzenUqlIktyyZct3331Hb165ckUqlV6+fHnbtm1RUVEnT5588OABHKe/v//tt9+WSqUJCQlHjhz5+++/Oafr6Og4dOhQSEgIo3n48OHLly/DzqGhodDQUKgMhmHFxcWnT58WFnj55ZeFX6frIDxUcXEx42aA0142ExMT7733nlQqVavVDQ0N1FXD/Px8cXFxTEzMSy+99NVXX8ErAgaPHj36/PPPt23bFhYWdvTo0ZmZGb7osN2YkJBw9+5d+OGPP/7glPn111/51IZQApxxPHbs2Ndff00J7927FyaG0+nct28f1f/RRx9du3aNMTKn+dCxDQ0NarU6KirqxIkTdOv44PNkf3//3r17t27dGhMTc/To0Xv37mEYdu/evXfffVcqlb7yyis3b94UHpkv0LD/0qVLMTExcXFx169f51SDbk5YWNixY8dmZmZOnz4dExMTHR394Ycfzs/PC09EX2W//PILQ73ExMQvvviC3hMWFvbgwYOwsDDYXFpaEovFbLsE4s5Yic8YHMfhsYzv2oozpoytCcOwxcXFjz/+WCqVJiYmfvnll/SU8Lkd+dz6/A/rC4vvGkOSpMlk6unp6evrczqdZ8+exTAsIiJiZGQEnm21Wi29efjwYZIk+/r6BgYGBgYGBgcH6+vr4VBZWVmFhYV2u727u3vfvn3w2w0bvouyrKws6hL51q1bjx8/7uzshE2DwZCZmSksoNFohF+n6yA81IEDBxgu4rSXTWlpqVgsHh0dNRgM33//PdVfVlbmdDoHBwc7Ozs7Ojqam5vZ79bX1xsMBoPBYLVa4+Pjh4eHMZ7ocLqRE7pMYWHhwYMHYSli0N/ff/DgwcLCQso57Djm5uZSX5MnJiZMJpNGoyFJEsdx+iYVEhKSmJjIGJ/PfJIkzWYztM5ut1dVVQmbIzDU4ODgqVOnJicnLRaLUqksLS3FMKy0tDQ8PHx4ePj27dv0GhPDgtKHM9AkSY6MjFgslhs3bsCCyqkGDFZ3d7fJZHI6na+++qrL5TKbzb29vTabjW4d50SMVebTFQwuXrxYUFDA7heI+zreUU9PT587d06j0QjIcMaUsTVhGFZTU7OwsGA2mzs7O41GY0tLC3zd53bkz9aHLSesLyhAEJvNhmHY/fv3YbOnpycpKYl6RBAEXRI24St2ux32t7e3p6amAgBmZ2dFIpHH42HPYrfbVSoV/EySJEEQs7Oz7KbT6ZRIJHCEtLS0ioqK/Px8OGN4ePjS0pKwgN1uF36drpLwUKOjo5TtfPay8Xq9OI6PjY1RkpGRkbCfIAiqv6OjY8+ePezXFQrF4OCgn9FhuJETtqtra2tlMllubq7VaoWdVqs1NzdXJpPV1taSJAn447iwsACdDABobm7Ozs4GTydJZWWlXC6Xy+WUkpRbOM1nWNfd3c2Xez6HYjA6OhobGwvDQQ8cDAcAwMEC8Aca9tNdzakGFHO73ZQ5QUFBCwsLsNnT07Njxw7KOr6Moq8yTg/w9VdXV6enp3u9XrYYZ9wBKz2gVnIaMpmM8hh9QLYONpuNkuSDPr5MJsNxvKSkBKaZT6vBk5hyKiCXy2HqAgBMJlNaWhoQ3I7o+vjc+vwP6wuL7xrDKCScWQWezgMcx6n+4eFhhUIBP+fl5aWkpFRUVOh0ujt37lAyXq/X6XTCz+3t7e+88w71iNFMSUnp6uqanJxUKpVut1uhUHi93tbW1vfff98fAZ+v0xEQZiQZn730BQkAcDqdYrGYLgmdyei3Wq3UaqFwu90ikYjaI/hCQEWH4TdOOGVmZ2c1Go1IJIJNkUik0WioJQThi2NeXl5jYyMAID09va2tDQDgcDgo57jdbofD0dvby9hu+Mz3P/d8DgUAGBwcTE9Pj4+PpzZHp9PJCJzwPsgXaLYynGoImMO2ji+jVlZj9Hp9UlKSy+USEGPEHbDSw2azSSQSet2lh3K5NYaxNBjjO51OeqrzWc2OKVuB2dlZemmUyWQ+tyNOK/jSz/+wvrCIntFxCcMwDPvhhx/u3r1rsVicTmdFRcWbb77Z1NSEYVhwcHBcXByUEf5FWWZmpsFgGBsby8rKioiISElJMRqN9JsuYQGfr9NZljAnJpNpRX7iJTg42E/Jlf2i7N9//z1//rzRaKypqYE9NTU1Op3u008/ramp2b59O+zki2Nubu61a9e0Wm1fX197ezv25JdCDx8+DAkJiYiIiIiImJqakkgky7J6TdBoNEVFRS0tLTiOOxyOjIwMAWHqcoxieno6kNoFkL/++qukpKSzszM6OppPhh13jCs9goKCEhISqCbjN2zLgnNpMMb3iT8x9Xg8QUFBAwMDIpGImgV+4EtjxBojXIJWdo7BaCd9vV7PeXdkMpmUSiWj0+v1yuVy6pKB0QQA9PT0pKWlZWdn3759GwDQ3NxcVlYWGxtLHYOEBXy+TkdAmH1Y9mkveHJXZrPZYHMFd2Umk4newxcdtt84lWHIlJSUEARRUVFB/8ILAHC5XOXl5QRBlJSUsMehx9Hj8chksqtXr9LPhfHx8fQviTqdLiMjg6EJ313Zcs8xfENNTU3Rv6GbTKbIyEjGXZler1/WXRkVaLYyfHdl/p9j+DJqueeY2dnZHTt23Lx5U0CMM+7s9BA+nazJXRnfPRin1Zwx5RyKIAjGJTMb9naEzjFrxcprDEmSIpGIusClmnCF5OTkOBwOi8WSkpJSXV0NABgeHs7IyOjq6nK5XHa7vaioKCsrixoZXowajcbXXnuN6mQ0IQqFQqFQQHmHwxEeHp6SkuK/gPBTxv0snzC7xrDt5SQnJ0ej0dhsNovFsnPnTsqZRUVF2dnZdrvdYrHs3r0b3jgx9KmtrU1LSzObzQ6Ho7S01Gg08kWH028M2DJarZaqf2xsNptWqwW+4pifnx8eHv7TTz9RPY2NjUlJSV1dXVNTU21tbTKZrKenhzE4p/k+F7nnaeDtCp8nFQpFc3Oz2+22Wq0ajQYOpdFo6IHzeVfGGWjOzZGtxnJrDGdGUavMbrfT79Po41CzeL3e9PT0srIyupfgo9HRUWo6zriz02Mj1Jj79++LRKKRkREYa86YAtbWVFJSsmfPHnheqa+vr6mpAfxpTLnIz60P1RifrLzGAACqq6slEsmNGzfozYaGBoIg6urqFApFZGRkQUEB/AvY0tJSdXV1cnKyWCxWKBRarXZycpIxS2VlZVVVFTU+ownJz8/PycmhmqmpqQwZYQGBp+ws5xNmryi2vZxMTk5mZWURBKFSqerq6uhZe+rUKblcrlQqq6ur4RJi6OP1es+cOSOXy3Ec12g0LpeLLzqcfmPgjwwnAnEEAOj1eoIgGB5obGxUqVRisXj37t1dXV3sMf0xn70LM2hpaeEbCgBgNBpTU1NxHI+Nja2oqIBDORyOQ4cOEQSRnJys0+l81hjOQHNujmw1llVjBDIKrrLW1lYcx+l/oqe/y+claoqff/55586dAsay02Mj1BgAwNmzZ6k9hzOmEPrW5PF4ysvLlUqlRCLJzMyEhzPONPb/gEKNj2qMT3zUmBUgkCs+SU5O7u3t5WtuTFZs78jICPXnx7XFH789F77dUKwmsQMxUVlZmc+fdXDi8XhUKlVra6uADEoPxFrxTP/m75N//vlHoLnJMJlMSUlJgRjZH79tbt++COh0upX9qCQ0NLStre2tt94SkEHpgVgrNlaN2fRcuHAhPj4+Ozt7bGysqqrq/Pnz660R4nklJCTk9ddfX9m7wgUGgVhDNuL/K9vE7N+/v7m5WalUarXasrKykydPrrdGCAQCEUC2AADWWwcEAoFAbE7QOQaBQCAQgQLVGAQCgUAEClRjEAgEAhEoUI1BIBAIRKBANQaBQCAQgQLVGAQCgUAEClRjEAgEAhEoUI1BIBAIRKBANQaBQCAQgQLVGAQCgUAEiv8BmE9Wfy/aIlwAAAAASUVORK5CYII=) --- Research's Comment: ![](data:image/png;base64, iVBORw0KGgoAAAANSUhEUgAAAiEAAAAjCAIAAADNIk3yAAAACXBIWXMAAA7EAAAOxAGVKw4bAAACGklEQVR4nO3cr0trcRzH4a8rCmKwKGgSDFqGwWDwB4pFWTNMm1EGggzTgn+BQWRxSYN/haysiYggzKa4sjJEMIgGbxAMl8mRC5975e554psTzkkvDl/O6Xt/f08AECD3r28AgP+WxgAQRWMAiKIxAETRGACiaAwAUTQGgCgaA0AUjQEgisYAEEVjAIiS0Zi7u7vBwcGrq6uUUqfTGR4ertfrKaWLi4uFhYWhoaHx8fGNjY1ms/nVCEDPymjMxMREpVLZ29tLKR0cHKyvry8vL6eUCoXC9vb2w8NDo9GYn58fGBj4agSgZ/Vl/nf57e0tn89vbm5Wq9Wbm5vR0dHHx8eRkZHn5+f+/v7Py7qOAPSy7MaklM7Pz1dXV4+Pj3d3dz+Wra2t29vblZWVsbGx2dnZpaWlr0YAeta3zvzb7XYul2u325/L2dlZrVbL5/Ovr6/lcvmjPV1HAHpW9nvM09PT1NTU0dFRqVRqNBrT09O/XXB9fV0oFFqtVuYIQE/Jfo+pVCqLi4vFYrFcLpdKpZRSs9lcW1ur1+udTqfValWr1ZmZma5j/P0D8HNlNOby8vLk5OTw8DCltL+/f39/f3p6Ojk5OTc3t7Oz83Hu8vLyUqvVuo5/5REA+KG+deYPAH/Ad/4ARNEYAKJoDABRNAaAKBoDQBSNASCKxgAQRWMAiKIxAETRGACiaAwAUTQGgCgaA0AUjQEgyi8Nhc7QY4LHNAAAAABJRU5ErkJggg==) --- **Screenshot:** ![wip-go.ch vulnerability](/twimages/screen-995401.jpg) **Mirror:** [Click here to view the mirror](<http://995401.openbounty.org/mirror/>) ### Coordinated Disclosure Timeline Vulnerability Reported:| 15 October, 2019 17:24 GMT ---|--- Vulnerability Verified:| 16 October, 2019 07:07 GMT Website Operator Notified:| 16 October, 2019 07:07 GMT a. Using the ISO 29147 guidelines| ![](/images/done.png) ---|--- b. Using publicly available security contacts| ![](/images/done.png) c. Using Open Bug Bounty notification framework| ![](/images/done.png) d. Using security contacts provided by the researcher| ![](/images/done.png) Public Report Published [without any technical details]:| 16 October, 2019 07:07 GMT Additional notification email sent:| 17 October, 2019 07:36 GMT