XSS exists in DiliCMS 2.4.0 via the admin/index.php/setting/site?tab=site_attachment attachment_url parameter.Referenceshttps://github.com/chekun/DiliCMS/issues/59
