You can read these real world UFU PoCs to better understand how the bug is exploited in the real world scenarios
File Upload XSS in image uploading of App in mopubarrow-up-right by vijay kumar
RCE deal to tricky file uploadarrow-up-right by secgeek
File Upload XSS in image uploading of App in mopub in Twitterarrow-up-right by vijay kumar (vijay_kumar1110)
Unrestricted File Upload to RCEarrow-up-right by Muhammad Khizer Javed
Reference: https://whoami.securitybreached.org/2019/06/03/guide-getting-started-in-bug-bounty-hunting/arrow-up-right
Last updated 4 years ago
