admin security bypass

Site: Hidden content Did a Stored XSS Went Well Go Have Fun Btw you can only upload jpg,jpeg No option to upload a php shell Either try for the exif data via image or the modified name shit Note: Only for educational purpose