🎯 CORS Exploitation Demo

How this exploit works:

  1. You visit this malicious website
  2. This page makes a request to http://localhost:5000/api/current-user
  3. If you're logged in to the vulnerable app, your browser sends the authentication cookie
  4. Due to CORS misconfiguration, the vulnerable app allows this cross-origin request with credentials
  5. This page receives your sensitive user data

Click the button above to exploit the CORS vulnerability...
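
The server-side decision behind steps 4 and 5, as an added example that is not part of the original demo: it assumes the misconfiguration is a policy that reflects the request's Origin header (one common form) and sets it beside an exact-match allowlist, with a small model of the browser's check for credentialed requests. The origins http://evil.example and http://localhost:3000 and all function names are constructed for illustration.

```javascript
// Added example: models the CORS decision for a cross-origin read sent with cookies.
// All origins and function names are constructed for illustration.

// Weak policy: echo back whatever Origin the request carries and allow credentials.
function reflectingCorsHeaders(requestOrigin) {
  if (!requestOrigin) return {};
  return {
    "Access-Control-Allow-Origin": requestOrigin,
    "Access-Control-Allow-Credentials": "true",
  };
}

// Corrected policy: exact-match allowlist; other origins get no CORS grant.
const TRUSTED_ORIGINS = new Set(["http://localhost:3000"]); // assumed front-end origin

function allowlistCorsHeaders(requestOrigin) {
  if (!requestOrigin || !TRUSTED_ORIGINS.has(requestOrigin)) {
    return { "Vary": "Origin" }; // keep caches from mixing per-origin responses
  }
  return {
    "Access-Control-Allow-Origin": requestOrigin,
    "Access-Control-Allow-Credentials": "true",
    "Vary": "Origin",
  };
}

// Browser rule for a request sent with credentials: the calling page may read the
// response only if Allow-Origin equals the page's origin exactly (the wildcard "*"
// is not accepted) and Allow-Credentials is the literal string "true".
function browserExposesResponse(pageOrigin, headers) {
  const allowOrigin = headers["Access-Control-Allow-Origin"];
  const allowCreds = headers["Access-Control-Allow-Credentials"];
  return allowOrigin !== "*" && allowOrigin === pageOrigin && allowCreds === "true";
}

// Can a page served from pageOrigin read the API response under this policy?
function canRead(policy, pageOrigin) {
  return browserExposesResponse(pageOrigin, policy(pageOrigin));
}
```

CORS only decides whether the calling page can read the response; the request and its cookie are still sent, so the cookie's SameSite attribute remains a separate control.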