Security Release: ImpressCMS 1.2.4

Two security vulnerabilities were just discovered and a new release has been published to address them. The ImpressCMS Project has just released ImpressCMS 1.2.4 as a stable release - site administrators are strongly encouraged to upgrade their sites.

The imagemanager plugin used by the TinyMCE wysiwyg editor was bypassing the permissions system, allowing unauthorized creation of categories and folders within the image folder. The second vulnerability was a potential cross-site scripting, but required elevated permissions and access to the administration area of ImpressCMS.

Downloads are immediately available in our file repository on SourceForge and include a complete install, an upgrade from older versions and an upgrade from the most recent version, ImpressCMS 1.2.3. Site administrators are strongly encouraged to upgrade their sites as soon as possible.


The developers of mojoPortal have recently released a new version of their CMS, mojoPortal Some of the new features include:

  • A new Flickr Gallery feature
  • A new User Sign In Module that can be put on a content page such as the home page
  • A new scroller setting in the Feed Manager to enable a scrolling news ticker
  • Some improvements to the List/Links feature including a new introduction that can be used to place html above the list and a new option for non-ajax paging
  • Database authentication and LDAP - a new config setting for fallback to LDAP if database authentication fails. This allows scenarios where your internal users such as content authors can login with their LDAP credentials while still allowing public users to register and sign in with database credentials.
  • A new option to disable CSS caching while designing by clicking a button that sets a cookie to disable it. The previous way of of disabling it from config still works but this new way may be more convenient. You will find the button under Administration > Advanced Tools > Designer Tools
  • Upgraded to CKeditor 3.4.2
  • Updated Italian resources
  • Bug fixes for things reported in the forums since the previous release including several fixes in the SQL CE data layer and the Firebird data layer.

The latest version of mojoPortal is available on the site's download page.

Kentico CMS 5.5 R2 Brings Enterprise 2.0 Intranet Solution

Nashua, New Hampshire, USA, December 15, 2010 – Kentico Software (, the Web content management system vendor, announced the general availability of Kentico CMS 5.5 R2. This new version of their flagship enterprise CMS provides enhanced Intranet support, Document and Project Management,  integration with Microsoft Office through WebDAV protocol, Workgroups,  Sharepoint 2010 Connector and Windows Azure support.

“We have always developed Kentico CMS as a scalable enterprise platform for corporate websites, intranet solutions, e-shops and integration with social networks. Our main focus for Kentico CMS 5.5 R2 was to extend our intranet offering mixed with key Enterprise 2.0 functionality” says Petr Palas, CEO of Kentico Software. “Keeping our intranet solution in step with our CMS offering ensures customers can grow their website needs with their business; leveraging the consistent easy to use Kentico environment that includes multi-site management, and an industry leading ROI.” he adds.

Key features that round out the Kentico CMS 5.5 R2 intranet offering include Document and Project Management, Workgroups and WebDAV support. Project Management provides the users with ability to manage, assign and monitor projects and tasks. The new Document Management helps users to manage documents and their permissions directly from a website without access to the administration UI. With the added support of WebDAV, users can now directly edit documents without the need to save them manually to a temporary location and then re-upload them.

“With our partners and customer focus, we drove our development based on an extensive set of client scenarios. We validated our features with our partners and key customers like Shaw Industries Group Inc. to refine our key scenarios. Kentico CMS 5.5 R2 delivers a complete intranet solution with a ready to use Intranet Starter site and flexible Document Management. Kentico CMS 5.5 R2 cuts down the time and cost of any intranet portal development. This combination of features and functionality guarantees that the Kentico CMS Intranet helps our partners and customers successfully meet their business goals.” says Michael Neuwirth, Product Manager at Kentico software.

Kentico CMS 5.5 R2 extends support for SharePoint 2010 and includes Windows Azure support for single CMS installations.

More information about the Windows Azure support is available at:

Kentico CMS 5.5 R2 for ASP.NET can be downloaded as a free 30-day trial at or it can be trialed on-line without any installation at

Tiki Releases 6.1 Update

The Tiki Community is proud to announce the immediate availability of Tiki Wiki CMS Groupware 6.1. This update includes over 250 code changes by nearly 20 Tiki Community members. Although these updates are primarily fixes and improvements to existing features, there are several new items that Tiki administrators will be happy to see, including:

  • Continued upgrades for WYSIWYG editing
  • Default toolbars include a new button to easily select a file (after file upload, if needed), and it's name and link are added to the textarea of that wiki page, forum, blog, etc.
  • A new admin panel for Clipperz online password management
  • Improvements to CSS inclusion for newsletters
  • Many translation updates (from Tiki's interactive translation feature)
  • New and improved plugins for third-party media (such as Vimeo,, and YouTube) and generic buttons.
  • Updated plugin interface
  • New module: Tracker help
  • Export or show a wiki page in text-only format (useful to be used with Pretty Trackers)
  • Static text fields in Trackers can be sent with wiki-parsed text in notification emails.
  • New language.js file added to language folders to assist in translation of text and UI elements used in JavaScript functions.

See the Release Notes ([]) and the Tiki6 document ([]) for complete details on this release. All Tiki administrators are encouraged to upgrade to this latest release. You can download Tiki 6.1 from [].

Improve Constituent Services by Re-using Information Effectively

“In progress.” When it comes to government, we hear those words a lot. It’s no surprise: meeting the needs of a geographically large nation with diverse constituents is challenging. Change and progress require time…and patience.

Technology is one area where progress is evident. Change is afoot everywhere, from optimizing government websites for mobile devices, to coordinated healthcare services and discussions about creating a national dashboard to share meaningful information. The goals are familiar:

  • Better communication.
  • Improved efficiency.
  • Greater transparency.
  • Fiscal responsibility.

Poor communication, inefficiency, and lack of transparency contribute to financial leakage. They invade the workplace via redundant tasks; duplicate payments; time wasted digging for answers or waiting for replies; recreating missing files; and researching and re-keying data from one system to another.

Multilingual Wiki Solution Video

The Tiki Community is proud to announce the release of its second promotional video:

How about a *real* multi-language solution?

In this video, recorded in March 2010, Philippe Cloutier, a Tiki consultant, talks about the multilingual features and capabilities of Tiki Wiki CMS Groupware. He explains the differences between the Tiki multilingual approach and other wiki systems.

Cloutier is a long-time Tiki contributor and programmer. In this video, he discusses the fully integrated multilingual platform that Tiki offers as well as his vision for the future of translation and mutli-lingual wikis.

In addition to facilitating page content translation, the core Tiki interface is available in over 45 languages. These translations are contributed by members of the Tiki Community.

See to watch the video. The video can also be viewed below.

MODX Revolution Sees Rapid Adoption and Makes its Biggest Minor Release Ever

Dallas, TX - Wednesday, December 8, 2010 - MODX, LLC, the company behind the Open Source MODX content management platform today released its latest version of MODX Revolution 2.0.5. This release adds significantly to its stability and security. Revolution 2.0.5 closes more than 175 issues and improvements.
"We're excited about MODX Revolution's growth and adoption," said MODX CEO and Project Co-founder, Ryan Thrash. "Our 2.0.5 release delivers on our promise to continuously improve our flagship platform thanks to an amazing team. Looking back to our last release less than 2 months ago, we've managed to improve Revo in almost 200 ways. Looking forward, we're ready to dive back in to the future that begins with 2.1."
As Open Source software, MODX Revolution benefits from a growing, supportive and collaborative community of developers and organizations that provide valuable feedback, report issues, provide fixes and share ideas with the core development team, allowing for rapid and responsive improvements.
Improvements found in MODX Revolution 2.0.5 were centered around the designers, developers and organizations who build and deploy websites. These improvements provide more efficient methods of implementing client requirements for such things as Administrative Access Permissions and Controls and Customizations to the interface. 
Developers building on MODX have always had the advantage of being able to build custom Manager interfaces or customizing the experience for their clients. Revolution 2.0.5 makes this significantly more intuitive and flexible. Additionally, site builders and administrators of all types will benefit from refinements and enhancements to the Manager.
MODX Revolution has found rapid and increasing adoption amongst design agencies, developers and IT consultancies as the go-to Content Management System (CMS) and content management platform. MODX has been downloaded more than a million times, with the latest MODX Revolution release accumulating over 60,000 downloads since it's initial public release in July 2010. 
The latest release of MODX Revolution be downloaded for free at


Subscribe to CMS Report RSS