Coinbase: XXE in OAuth2 Applications gallery profile App logo

upload svg photo XML based as App logo contain XML payload renamed to .jpg server start execute this XML payload or just watch this video "https://www.dropbox.com/s/wkba6f0wrax0wr8/xxe.mp4?dl=0" the same vulnerability was in https://www.coinbase.com/careers and reported by...