the session is getting shared across the two web apps
If the session is shared across the two web applications, then yes this is the reason. The session is lock the response.
To avoid this, on the huge upload information disable the session (only on the handler or on the page that make the upload).
Relative: Replacing ASP.Net’s session entirely