The ImpressCMS development team has released ImpressCMS 1.1.3, a security update for their 1.1 version. The vulnerabilities were not in their core code, but in 2 of the 3rd party libraries used and distributed with their core - Smarty and PHPOpenID. If your site is running on a version prior to 1.1.3, it is strongly recommended you upgrade to the latest version.

Smarty is a template engine, driving the way pages are built and displayed by ImpressCMS. PHPOpenID allows you to use OpenID authentication for logins on an ImpressCMS site.