EPSS: 0.0004 (Low), Percentile: 14.2%
In the file upload, I can’t upload files with extensions like html, php, … but I can upload a file with the extension “inc”, and that leads to stored XSS.
https://drive.google.com/file/d/1eDE63KXbZLYraDus6hSXwiT_aLDVx9ut/view?usp=sharing
owasp.org/www-community/attacks/xss/
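An added example, not code from the report or from the affected application: a denylist extension check of the kind the report implies next to an allowlist check, plus response headers that keep a stored upload from being rendered as HTML. The denylist contents, the allowlist and all function names are assumptions made for illustration.

```python
import os

# Assumed denylist, modelled on the behaviour the report describes
# (html and php rejected); the application's real list is not on the page.
DENYLIST = {".html", ".htm", ".php"}

# Hypothetical allowlist: extension -> the only Content-Type it is served with.
ALLOWLIST = {
    ".png": "image/png",
    ".jpg": "image/jpeg",
    ".pdf": "application/pdf",
    ".txt": "text/plain; charset=utf-8",
}


def _extension(filename: str) -> str:
    # Normalise: drop any path, trailing dots/spaces, and case.
    name = os.path.basename(filename.replace("\\", "/")).strip().rstrip(". ")
    return os.path.splitext(name)[1].lower()


def denylist_accepts(filename: str) -> bool:
    """Weak check: anything not explicitly listed is accepted."""
    return _extension(filename) not in DENYLIST


def allowlist_accepts(filename: str) -> bool:
    """Hardened check: only known extensions are accepted."""
    return _extension(filename) in ALLOWLIST


def download_headers(filename: str) -> dict:
    """Headers for serving a stored upload so it is never rendered as HTML."""
    ext = _extension(filename)
    if ext not in ALLOWLIST:
        raise ValueError(f"refusing to serve unexpected extension {ext!r}")
    return {
        "Content-Type": ALLOWLIST[ext],
        "X-Content-Type-Options": "nosniff",
        "Content-Disposition": "attachment",
    }


if __name__ == "__main__":
    # Constructed sample file names.
    for sample in ["page.html", "shell.PHP", "note.inc", "photo.png", "note.inc."]:
        print(f"{sample:10} denylist={denylist_accepts(sample)!s:5} "
              f"allowlist={allowlist_accepts(sample)}")
```

The denylist accepts `note.inc` because the extension was never enumerated, while the allowlist rejects it by default.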