Stored xss via group name
admin user -->attacker -->firefox browser
user 2 -->victim -->chrome browser
First from admin user create a group with xss payload
xss"'><img src=x onerror=alert(document.domain)> .
Now grab the sharing link and share with user 2 .
When user 2 open this sharing link then xss is executed .