An attack of this type involves an attacker inserting malicious characters
						(such as a XSS redirection) into a filename, directly or indirectly that is
						then used by the target software to generate HTML text or other potentially
						executable content. Many websites rely on user-generated content and
						dynamically build resources like files, filenames, and URL links directly
						from user supplied data. In this attack pattern, the attacker uploads code
						that can execute in the client browser and/or redirect the client browser to
						a site that the attacker owns. All XSS attack payload variants can be used
						to pass and exploit these vulnerabilities.