XSS on services.shopify.com

Disclosed: 2019-06-14 18:39:04 By encryptsaan123 To shopify
Low
Vulnerability Details
Hi security, I got a stored XSS in one of your sub-domains, "services.shopify.com".

Steps:
1. Go to https://(your_store).myshopify.com/admin/apps/experts_marketplace/services_marketplace
2. Then go to All services > Marketing and sales > email marketing > Design custom email templates > click select
3. Fill in all the data; there will be an option for "attach file".
4. Select an HTML file where the XSS payloads are stored.
5. Right-click on the attached file and go to that location; you will see the pop-up.

## Impact
Can steal cookies
Report Stats
  • Report ID: 591786
  • State: Closed
  • Substate: resolved
  • Upvotes: 43
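
The report does not say how the issue was resolved. As an added example (not from the report or from Shopify's code), one common server-side defence against an uploaded HTML attachment rendering in the application's origin is to choose the response headers from an allowlist. The names `INERT_TYPES` and `attachmentHeaders` are hypothetical and the file names are constructed.

```javascript
// Added example: response headers for serving a user-uploaded attachment.
// INERT_TYPES and attachmentHeaders are hypothetical names, not Shopify code.

// Extensions the server is willing to display inline. HTML and SVG are
// deliberately absent because both can carry script.
const INERT_TYPES = new Map([
  ["png", "image/png"],
  ["jpg", "image/jpeg"],
  ["jpeg", "image/jpeg"],
  ["gif", "image/gif"],
  ["txt", "text/plain; charset=utf-8"],
]);

function attachmentHeaders(uploadedName) {
  // Keep only the last path component and a conservative character set,
  // so the name cannot break out of the quoted header value.
  const base = String(uploadedName).split(/[\\/]/).pop();
  const safeName = base.replace(/[^A-Za-z0-9._-]/g, "_") || "file";
  const ext = safeName.includes(".")
    ? safeName.split(".").pop().toLowerCase()
    : "";
  const inertType = INERT_TYPES.get(ext);

  return {
    // The type comes from the server-side allowlist, never from the
    // Content-Type the client sent with the upload.
    "Content-Type": inertType || "application/octet-stream",
    // Anything not on the allowlist is downloaded, not rendered.
    "Content-Disposition":
      `${inertType ? "inline" : "attachment"}; filename="${safeName}"`,
    // Stop the browser from sniffing the body and treating it as HTML.
    "X-Content-Type-Options": "nosniff",
    // If the response is rendered anyway, it runs without script or origin.
    "Content-Security-Policy": "default-src 'none'; sandbox",
  };
}

// Constructed sample names, including the HTML case from the report.
for (const name of ["payload.html", "logo.PNG", '..\\..\\x".svg']) {
  console.log(name, "=>", attachmentHeaders(name)["Content-Disposition"]);
}
```

Serving uploads from a separate domain that holds no session cookies limits the impact further if one of these headers is ever missed.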