Aug 17, 2021
Hi Mohammed,
When I found the XSS, the request was like this:
post /endpoint
Host:
Cookie:
..
body={xss payload}
and the response was an HTML page containing the XSS payload,
so I created a basic CSRF PoC to send this POST request as soon as the user opens the evil link.
It's a basic POST CSRF PoC.