TL;DR: Type confusion, extension parsing, path traversal, and content-as-code on the receiving end.

Stub — to be filled in.

What it is

TODO

Preconditions / where it applies

TODO

Technique

TODO

Detection and defence

TODO

References

• https://portswigger.net/web-security/file-upload