
Stored XSS at [ █████ ] in "LINKEDIN URL" Field.

Low

lemlist

Team Summary

Official summary from lemlist

Vulnerability Type: Stored Cross-Site Scripting (XSS).

Description: This vulnerability exists in a web application where user input is not adequately validated. Specifically, the application fails to sanitize input in the LinkedIn account link field within the 'Buddies-to-Be' section of a campaign.

Reproduction Steps: The issue can be replicated by inserting a malicious JavaScript payload into the LinkedIn URL field when adding a 'Buddy-to-Be' in a campaign. The script executes when the LinkedIn icon is clicked.

Impact: Execution of the malicious script could lead to unauthorized actions performed on behalf of the user or access to sensitive user data, such as cookie theft.
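The summary describes the classic link-field failure: a user-supplied string is stored and later placed in the `href` of a clickable icon without checking its scheme, so a `javascript:` value runs when the icon is clicked. The snippet below is an added example written for this page, not lemlist's code, showing how such a field is typically hardened: parse the value with the WHATWG `URL` API, accept only `https:` and an expected LinkedIn host, escape on output, and render a disabled icon (no `href` at all) when the value is rejected. The function names, the allowed-host list and the sample inputs are assumptions constructed for the example.

```javascript
// Added example (not lemlist's code): validating a user-supplied LinkedIn URL
// before it is stored and rendered as the href of a profile icon.
// Assumes the field should only ever hold an https://www.linkedin.com/... link.

const ALLOWED_HOSTS = new Set(['linkedin.com', 'www.linkedin.com']);

// Returns a normalized https URL string, or null if the input must be rejected.
function sanitizeLinkedInUrl(input) {
  if (typeof input !== 'string') return null;
  const trimmed = input.trim();
  if (trimmed.length === 0 || trimmed.length > 2048) return null;

  let url;
  try {
    url = new URL(trimmed); // relative or schemeless input throws and is rejected
  } catch {
    return null;
  }

  // Allow-list the scheme: this is what blocks javascript:, data:, vbscript: etc.
  // The URL parser lower-cases the scheme, so case tricks do not help.
  if (url.protocol !== 'https:') return null;
  if (!ALLOWED_HOSTS.has(url.hostname.toLowerCase())) return null;
  if (url.username || url.password) return null; // no embedded credentials

  url.hash = ''; // drop fragments; keep path and query
  return url.toString();
}

// Attribute-context escaping on output, as a second layer behind validation.
function escapeAttr(s) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return s.replace(/[&<>"']/g, (c) => map[c]);
}

// Render the icon. A rejected value produces an icon with no href at all,
// rather than falling back to the raw input.
function renderLinkedInIcon(input) {
  const safe = sanitizeLinkedInUrl(input);
  if (safe === null) {
    return '<span class="icon-linkedin disabled" title="No valid LinkedIn URL"></span>';
  }
  return `<a class="icon-linkedin" href="${escapeAttr(safe)}" rel="noopener noreferrer" target="_blank"></a>`;
}

// Constructed sample inputs: one valid link, one scheme abuse, one case/fragment
// variant, one look-alike host, one non-URL.
const SAMPLE_INPUTS = [
  'https://www.linkedin.com/in/example-user',
  'javascript:alert(1)',
  'HTTPS://LINKEDIN.COM/in/someone?x=1#frag',
  'https://evil.example/linkedin.com',
  'not a url',
];

for (const s of SAMPLE_INPUTS) {
  console.log(JSON.stringify(s), '->', sanitizeLinkedInUrl(s));
}
```

Validating on input (before storage) and escaping on output are both needed: the scheme check is what removes the `javascript:` execution path, while the attribute escaping covers any quote characters that could otherwise break out of the `href` attribute.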

Reported by xploiterr

Report Details

Additional information and metadata

State

Closed

Substate

Resolved

Weakness

Cross-site Scripting (XSS) - Stored