19Tem
Does this qualify as Filename Upload DOM-XSS?
An application has the following javascript code which is triggered whenever an user tries to upload a file.
a.html(fileName)
then if the user uploads a file named <img src=x onerror=alert()> the javascript code is executed.
Does th…