If a user can upload their own css for their personal page (say, a profile), are there any CSS based vulnerabilities I should look out for? This would be stored on my server in example.com/user/profile/css/usercss.css (or something like that).