#bugbounty #bugbountytips
File upload vulnerabilities are when a web server allows users to upload files to its filesystem without sufficiently validating things like their name, type, contents, or size. There is an XSS (cross-site scripting) vulnerability present in the file upload functionality. Someone can upload a file with a malicious filename, which contains JavaScript code, which would result in XSS.
![](https://i.ytimg.com/vi/Zk2fnZQvpPs/maxresdefault.jpg)