Upgrade to version 1.84 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.
Vendor URL: http://www.xcms.it/
Secunia Advisory ID:28256
Related OSVDB ID: 1020799
ISS X-Force ID: 39346
Generic Exploit URL: http://www.milw0rm.com/exploits/4813