Web Content Management Round-Up, June 2015

Drupal 8 Security

With more than one million websites running on Drupal, this PHP-based CMS platform is one of the top three most popular content management systems in the world[1]. Unfortunately Drupal is also well-known for its security issues. Notably, in autumn 2014, Drupal released a security patch to address a serious SQL Injection vulnerability, which affected all of the Drupal websites and was rated as a highly critical security issue with a maximum security risk rating, 25/25. Websites which were not patched within seven hours of the security announcement were considered compromised.

Since then, three more security patches were issued. The most recent one addressed OpenID module vulnerability, which allowed hackers to login as website administrators (security risk: 15/25).

With Drupal 8 on the horizon, security of the platform will come under new scrutiny. Architectural changes and new modules that come with Drupal 8 release will introduce additional security risks. In an attempt to address these concerns, Drupal announced Drupal 8 Security bug bounty program which will pay for valid security issues found in Drupal 8. This initiative is funded through Drupal 8 Accelerate.

Interested to take part? Find and report security issues by August 31, 2015 at Drupal 8 Bugcrowd.


Drupal 8 Bug Bounty Program pays for any security vulnerabilities found in Drupal 8.

Wimbledon Extends Partnership with IBM

IBM, Wimbledon’s trusted partner for more than 15 years, extends the contract for another five years and makes headlines promoting the redesigned and enhanced Wimbledon website. When it comes to rising customer expectations, Wimbledon website is a case in point. Tennis fans want it all – they want to see the scores, the queuing times, read the interviews, watch the matches, compare today’s stats with last year’s, you name it. Tennis fans don’t care about fragmented governance of tennis events, which gets in the way of collecting data. They don’t care who owns the copyright on the interviews, and they don’t care about the high traffic that the website has to cope with at peak times (last year, Wimbledon’s website had 17 million unique visitors during the two weeks of the tournament). Tennis fans want outstanding customer experience. Nothing less will do.

IBM claims to match and exceed these expectations with “unparalleled access to real-time live scoring, courtside action and insights, via a radical redevelopment and redesign of wimbledon.com and advancement of the mobile apps experience”. With player statistics and other key tournament features becoming available next week, on June 29 2015, it won’t be long before tennis fans themselves give their verdict.


IBM redesigns and enhances Wimbledon.com website.

Web CMS for Higher Ed

HannonHill announced Cascade CMS 7.14 release. The main two features introduced in this release are:

  • Content ownership.
  • Login as user.

Content ownership functionality allows to assign content owners to content assets. This feature is particularly important in the context of the Higher Ed industry, where web managers are fighting the battle against the incorrect, irrelevant and out-of-date content every day.

Login as user allows administrators to temporarily log in as another user without the need to enter their password.

For more information on this release, read the overview of the features on Hannon Hill website, watch this webinar recording on what’s new in Cascade CMS 7.14 and 7.12, or look through the release notes.

Cascade Server CMS

Cascade Server CMS introduces content ownership feature, which helps web managers to identify and correct out-of-date information.

Service Provider Incentro Becomes Hippo CMS Gold Partner

Incentro, a digital agency and systems integrator with offices in Netherlands, Spain and Turkey, became a Hippo CMS Gold Partner. The gold partnership title reflects Incentro’s expertise and experience in Hippo CMS implementations – the company has a track record of six completed Hippo CMS projects and employs 18 Hippo CMS certified developers.

Incentro Digital Agency

Incentro becomes Hippo CMS Gold Partner

Recognition and Awards

Winners of Umbraco Awards 2015 were announced at this year’s Codegarden annual conference. They are:

Umbraco Awards 2015

Power website wins Umbraco Awards 2015 in Best Integration Category.

Upcoming Industry Events

This blogpost was first published on Digital Clarity Group website in 2015.