it seems to me it may be vulnerable to XSS s****t2 i found the cve but i did not find POC that work, any idea?