The ImpressCMS Project (http://www.impresscms.org) has just released ImpressCMS 1.2.2, which is a security release for the 1.2 series of ImpressCMS. This version patches a recently discovered vulnerability in an external library, CSSTidy. The file containing the vulnerability is not used by ImpressCMS, and can be safely removed.
Fixing the vulnerability
Via Automatic Upgrade:
Upgrading to ImpressCMS 1.2.2 will take care of removing that file. The latest release package (1.2.2) does not contain the vulnerable file anymore.
Via Manual Procedure:
In case you have made changes to your local installation that make it difficult to do an upgrade, please remove the vulnerable file manually. The file to remove is plugins/csstidy/css_optimiser.php
Where do I get ImpressCMS 1.2.2?
You can download the latest release from our file release system on SourceForge (http://sourceforge.net/projects/impresscms/files/). The download packages allows you to either do a fresh installation, or upgrade from an earlier version of ImpressCMS or XOOPS.
The goal of the ImpressCMS Project is to stimulate and promote the open source nature of the CMS in both the core and its modules and establish itself as the premiere CMS by expanding the system to meet the needs of their users now and well into the future.
ImpressCMS is -
* Open Source
* Open Development
* Open Philosophy
* Open Community
I want to get involved!
If you're looking to join the ImpressCMS project, then get on board! All you need to do is head on over and complete the ImpressCMS Team form.
We'd love to connect with you ...
* Ohloh project: http://www.ohloh.net/projects/10042?p=ImpressCMS
* Facebook group: http://www.facebook.com/group.php?gid=7395938599
* Facebook fans page: http://www.facebook.com/pages/The-ImpressCMS-Project/22332836800
* LinkedIn group: http://www.linkedin.com/e/gis/45459/3A9B02585174
* Delicious: http://del.icio.us/tag/impresscms
* Flickr: http://www.flickr.com/photos/tags/impresscms/
* YouTube: http://www.youtube.com/impresscms
* ImpressCMS Toolbar: http://impresscms.ourtoolbar.com/