ImpressCMS Releases 1.2.2 Final - A Security Release

ImpressCMS News The ImpressCMS Project (www.impresscms.org) has just released ImpressCMS 1.2.2, which is a security release. This version patches a recently discovered vulnerability in an external library, CSSTidy. The file containing the vulnerability is not used by ImpressCMS, and should be removed.

The vulnerability was reported on Secunia as a cross-site scripting vulnerability targeting a file in the CSSTidy plugin. Upgrading to ImpressCMS 1.2.2 will take care of removing the exploitable file.

To remove the file without performing an update to your installation, you can manually remove plugins/csstidy/css_optimiser.php.

Where do I get ImpressCMS 1.2.2?

You can download the latest release from our file release system on SourceForge. The download packages allows you to either do a fresh installation, or upgrade from an earlier version of ImpressCMS or XOOPS.

About ImpressCMS

ImpressCMS has had a short, but notable history - founded in 2007, an initial release in January 2008, 3rd place in Packt Publishing's Most Promising Open Source CMS in 2008 and 1st place in 2009, a 2008 finalist in SourceForge's Community Choice Awards, 36 separate releases and almost 10,000 commits in its code repository.

CMS Topics:

About this CMS Enthusiast

One of the co-founders of the ImpressCMS project in 2007, Steve has been contributing to open source CMS projects since 2004.

Steve also maintains Christian Web Resources, a website to encourage and equip Christian webmasters for today's web.

CMS Report

Focusing on today's Content Management Systems

You are here

ImpressCMS Releases 1.2.2 Final - A Security Release

Where do I get ImpressCMS 1.2.2?

About ImpressCMS

CMS Topics:

Related Stories

Featured Stories

Recent and Popular

Follow CMS Report: