Stored xss via file upload
💥 STEP TO REPRODUCE
- From your account goto http://localhost:9000/campaigns/media and upload a image .
Now change the filename to html file and put xss payload in the browser network tab.
now forward the request .
- Now visit the uploaded file and see xss is executed