The Web server in 1C:Enterprise 8 before 8.3.17.1851 sends base64 encoded credentials in the creds URL parameter.Referenceshttps://github.com/jet-pentest/CVE-2021-3131
