Vulnerability POC for CVE-2023-34845
I found a cross-site scripting attack on the new content creating page http://localhost:800/admin/new-content it will execute the script in user context allowing the attacker to access any cookies or sessions tokens retained by the browser. Stored XSS, also known as persistent XSS, is the more damaging than non-persistent XSS. It occurs when a malicious script is injected directly into a vulnerable web application.