Share
## https://sploitus.com/exploit?id=13502B63-09B1-523A-A9EE-BCBF330B194A
PoC exploit for CVE-2025-57520, a stored cross-site scripting (XSS) vulnerability in Decap CMS up to version 3.8.3. The exploit targets the admin interface, specifically the content preview panel, which is vulnerable to XSS when a privileged user opens it for a malicious entry. The exploit is likely invoked through the content preview panel, although the exact invocation method is not specified. The vulnerability affects multiple input fields in the admin interface, allowing an attacker to inject malicious scripts. The expected impact of this vulnerability is a stored XSS, which can lead to various attacks, including session hijacking and data tampering.