CVE-2018-10430

Name of the Vulnerable Software and Affected Versions: DiliCMS version 2.4.0

Description: A Stored XSS issue was found in the fourth textbox of "System setting->site setting" in admin/index.php, allowing for potential exploitation.

Recommendations: For DiliCMS version 2.4.0, consider restricting access to the "System setting->site setting" section in admin/index.php until a fix is available. As a temporary workaround, avoid using the fourth textbox in this section to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.