This can be used to exploit POST XSS without much interaction from the victim.
Upload the 5 files(except of readme ofc 🙄) to your hosting by typing the URL of your website instead of attacker.com.
Replace vulnerablesite.com with the vulnerable site on your target.
Replace the form variables below with the variables of the form that contain the XSS vulnerability.
In addition, you may need to change payload to bypass existing security filters.