ImpressCMS 1.2.2 Final (Security Release)

The ImpressCMS Project ( has just released ImpressCMS 1.2.2, which is a security release for the 1.2 series of ImpressCMS. This version patches a recently discovered vulnerability in an external library, CSSTidy. The file containing the vulnerability is not used by ImpressCMS, and can be safely removed.

Fixing the vulnerability

Via Automatic Upgrade:

Upgrading to ImpressCMS 1.2.2 will take care of removing that file. The latest release package (1.2.2) does not contain the vulnerable file anymore.

Via Manual Procedure:

In case you have made changes to your local installation that make it difficult to do an upgrade, please remove the vulnerable file manually. The file to remove is plugins/csstidy/css_optimiser.php

Where do I get ImpressCMS 1.2.2?

You can download the latest release from our file release system on SourceForge ( The download packages allows you to either do a fresh installation, or upgrade from an earlier version of ImpressCMS or XOOPS.

About ImpressCMS

The goal of the ImpressCMS Project is to stimulate and promote the open source nature of the CMS in both the core and its modules and establish itself as the premiere CMS by expanding the system to meet the needs of their users now and well into the future.

ImpressCMS is -

* Open Source
* Open Development
* Open Philosophy
* Open Community

I want to get involved!

If you're looking to join the ImpressCMS project, then get on board! All you need to do is head on over and complete the ImpressCMS Team form.

We'd love to connect with you ...
* Ohloh project:
* Facebook group:
* Facebook fans page:
* LinkedIn group:
* Delicious:
* Flickr:
* YouTube:
* ImpressCMS Toolbar:

Posted by Steve Kenow 2010-07-17

Get latest updates about Open Source Projects, Conferences and News.

Sign up for the SourceForge newsletter:

No, thanks