Personal tools

You are here: Home → All CMS → I → ImpressCMS → News → ImpressCMS : Security Vulnerability Reported in CSSTidy

Votre publicité ici

Navigation

Last News: Security Release ImpressCMS 1.2.2 Jul 17, 2010; ImpressCMS : Security Vulnerability Reported in CSSTidy Jul 14, 2010; Release of ImpressCMS 1.2.1 Final Mar 14, 2010; ImpressCMS 1.2.1 Release Candidate is now available Mar 09, 2010; More…

In knowknowing more

ImpressCMS Community: Marc-AndrÃ© on ImpressCMS and Microsoft Web App Gallery Aug 28, 2010; Please nominate ImpressCMS for the Packt Open Source CMS Awards Aug 14, 2010; Webinar - Road to ImpressCMS 1.3 Aug 06, 2010; ImpressCMS Now Available From Microsoft Web App Gallery Jul 30, 2010; More…

ImpressCMS : Security Vulnerability Reported in CSSTidy

by Guy Vigneault — last modified Jul 23, 2010 03:53 PM

— filed under: ImpressCMS

There has been a recent report of a potential vulnerability in the CSSTidy library included with ImpressCMS 1.2.0 and 1.2.1 releases.

News from ImpressCMS Website

The vulnerability exists in a file used as a implementation of the CSSTidy classes to demonstrates how the library functions. 1.2.0 et 1.2.1 de presse . La vulnérabilité existe dans un fichier utilisé comme une mise en œuvre des classes CSSTidy à déterminer comment les fonctions de la bibliothèque .

This file not used by ImpressCMS and can be removed from your sites.

In fact, it is recommended you remove the file. The file to remove is plugins/csstidy/css_optimiser.php. A patched version of ImpressCMS (version 1.2.2) will be released later today for new installations.

Personal tools

ImpressCMS : Security Vulnerability Reported in CSSTidy

Document Actions