Meterpreter Session died [Bwapp]

I just set up a lab with bwapp and wanted to jump straight into webshell. I used Unrestricted file upload vuln –> uploaded my perfect shell created with msfvenom.

My only problem is that my session doesn’t seem persistent as I’m getting Meterpreter session opened and then died.

For more context, bwapp is on a bridged network vbox and my kali is also bridged.

php/meterpreter_reverse_tcp etc etc.

Any ideas…

I need persistence (RCE)

HTML Injection in bWAPP High security Level

This is the code handling the high security level part

function xss_check_3($  data, $  encoding = "UTF-8") {      // htmlspecialchars - converts special characters to HTML entities         // '&' (ampersand) becomes '&amp;'      // '"' (double quote) becomes '&quot;' when ENT_NOQUOTES is not set     // "'" (single quote) becomes '&#039;' (or &apos;) only when ENT_QUOTES is set     // '<' (less than) becomes '&lt;'     // '>' (greater than) becomes '&gt;'        return htmlspecialchars($  data, ENT_QUOTES, $  encoding);  } 

I have seen this post but I am not able to figure out the bypass.

What I have tried : I tried doing URL-encoding , using various other tags but failed and read some writeups from net but can’t crack this one.

What I want : I dont need the exact solution but I need a small hint on this one. What I have seen is chars ;,:,. are not filtered so I think this is indeed exploitable.