Cross-Site Scripting Stored On Rich Media

**Hi Team Security Pushwoosh** I'm Found Bug Cross-site Scripting Stored in On Rich Media . Steps to verify --- * . Login as **Attacker** * . Go To **Rich Media** and Create New Media * . Fill Name and Choose Zip Upload * . Upload **index.zip** in **Attachments** * . Cick Save and Enter to Media Waiting Page to Reload Payloads .. **XSS execute !!** POC --- PIC :- http://i.imgur.com/cOlh88C.png **Testing :- Firefox** **Regards** @Hussain