Stored XSS in Email Templates via link

## Summary: Stored cross-site scripting (also known as second-order or persistent XSS) arises when an application receives data from an untrusted source and includes that data within its later HTTP responses in an unsafe way. ## FYI: I Install judge.me in Shopify E-Commerce ## Steps To Reproduce: 1. Go to `Requests > Email Templates` {F1488407} 2. Click `New Templates` {F1488408} 3. Edit this block {F1488410} 4. Insert Link with XSS payload (See image below) {F1488413} 5. Then save email 6. To trigger the XSS, you can click `Click Here` text {F1488415} ## Impact Session Hijacking, Cookie Stealing