Stored XSS occurs when changing a user’s profile
XSS POC : "><something:script xmlns:something="http://www.w3.org/1999/xhtml">alert(document.domain)</something:script>
1. Open the https://demo.microweber.org/demo/admin
2. Go to "Users" > "Edit profile"
3. Change the value of "First Name" to XSS PoC
4. Refresh
Through this vulnerability, an attacker is capable to execute malicious scripts.