Unrestricted file upload leads to stored XSS on https://████████/
High
Vulnerability Details
**Summary:**
When a user uploads a "certificate", the web app doesn't check the content type of the file. A user can upload any kind of file (binary, HTML, ...).
## Step-by-step Reproduction Instructions
1. Create an account at https://██████/████████/app/registration/basic-info
2. When you are connected, click on "certification"
Upload this file as xss.html and save the modifications:
```html
<!DOCTYPE html>
<html>
<head>
<title>Simple Test</title>
<meta name="viewport" content="initial-scale=1.0">
<meta charset="utf-8">
</head>
<body>
<script>
alert(document.cookie )
</script>
</body>
</html>
```
3. Go back to the "certification" tab and open the attachment in a new tab.
PoC: https://███/████/registration-service/files/███████.html
## Suggested Mitigation/Remediation Actions
Restrict the content-type of the uploaded files
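
One way to implement this restriction on the server, as an added example (not code from the report or from the affected application): the upload is accepted only if its leading bytes match an allowlisted format, the client-supplied name and Content-Type are ignored, and stored files are served as non-renderable downloads. The allowlist, size limit, and all function names here are assumptions.

```python
import secrets

# Assumed allowlist of formats a "certificate" upload needs.
# Maps leading magic bytes -> (stored extension, Content-Type used when serving).
ALLOWED_SIGNATURES = {
    b"%PDF-": (".pdf", "application/pdf"),
    b"\x89PNG\r\n\x1a\n": (".png", "image/png"),
    b"\xff\xd8\xff": (".jpg", "image/jpeg"),
}
MAX_SIZE = 5 * 1024 * 1024  # assumed upper bound for one upload

# Constructed sample input: an HTML page carrying a script, as in the report.
SAMPLE_HTML = b"<!DOCTYPE html><html><body><script>alert(1)</script></body></html>"


class UploadRejected(ValueError):
    """Raised when an upload does not match the allowlist."""


def validate_upload(data: bytes, client_name: str, client_type: str):
    """Return (stored_name, content_type) or raise UploadRejected.

    client_name and client_type come from the request and are untrusted;
    they never decide the stored extension or the served Content-Type.
    """
    if not data or len(data) > MAX_SIZE:
        raise UploadRejected("empty or oversized file")
    for magic, (ext, ctype) in ALLOWED_SIGNATURES.items():
        if data.startswith(magic):
            # Random server-side name: a user-chosen ".html" never reaches disk.
            return secrets.token_hex(16) + ext, ctype
    raise UploadRejected(
        f"type not allowed (claimed {client_type!r}, name {client_name!r})"
    )


def download_headers(content_type: str, stored_name: str) -> dict:
    """Headers that keep the browser from rendering a stored file as HTML."""
    return {
        "Content-Type": content_type,
        "X-Content-Type-Options": "nosniff",
        "Content-Disposition": f'attachment; filename="{stored_name}"',
        "Content-Security-Policy": "default-src 'none'; sandbox",
    }
```

The response headers matter as much as the upload check: a file that passes the signature test but also contains markup is still delivered with its allowlisted type, `nosniff`, and as an attachment.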
## Impact
The unrestricted file upload vulnerability leads to stored XSS.
Report Stats
- Report ID: 854445
- State: Closed
- Substate: resolved
- Upvotes: 4