XSS via file upload

I found xss via file upload here i uploaded svg file which stored in google cloud and reflected with xss

1) login at app.xyz.com
2) go to online store >> settings >> Email Notification >> Email design
3) click edit
4) Upload the file with svg payload
5) save the file and open image in new tab

But it’s marked as duplicate

Next day I observed that bug got patched and we can’t do xss anymore.

But after I saw url changed


After URL decoding


What if I remove the convert part from url.

Oh we get pop up again

After reporting it’s got triaged