EIP-2026-105413

This exploit demonstrates multiple stored XSS vulnerabilities in Batflat CMS 1.3.6. It provides payloads for Navigation, Galleries, and Snippets modules, which execute arbitrary JavaScript when triggered by victims.