CVE-2018-18210
CVE-2018-18210 shows a Cross-Site Scripting (XSS) vulnerability in DiliCMS 2.4.0 exploited via the attachment_url parameter of admin/index.php/setting/site?tab=site_attachment. Multiple databases describe XSS that can be used to inject scripts and potentially access sensitive information. Exploit...