Unauthorized upload of XML file to execute XSS

Hi i found an xss vulnerability on Feehi CMS backend

What is XSS?

Attacker can inject and executee javascript code to webpage.
![1](https://user-images.githubusercontent.com/85430538/188823537-1e6f339f-80c3-4b29-8787-d98f04c1d392.png)
Then access this directory
![2](https://user-images.githubusercontent.com/85430538/188823835-ed392c48-c9a9-4eca-9456-7cd6bfc9c240.png)
