Unrestricted file upload is a serious vulnerability with significant impact on the application and its infrastructure. An attacker with the ability to upload a malicious file to the application can set up drive-by-download attacks, deface the website, or gain access to the file system through a web shell.

Refer to details in Excel sheet attached in original epic.