writeups.xyz / How I was rewarded a $1000 bounty after abusing File Upload functionality to Stored XSS Vulnerability leading to credential theft of a vistor in a website.

Submitter : c2a

Date: 18 January 2021

Bounty : 1,000

Vulnerabilities :

• Unrestricted File Upload
• Stored XSS

Programs :

• Undisclosed

Authors :

• Kunal Khubchandani (@Iamkun4l)

Link :
https://kunalkhubchandani.medium.com/how-i-was-rewarded-a-1000-bounty-after-abusing-file-upload-functionality-to-stored-xss-945a40ac6f94