Hi,
yes, we are using the h1 platform, and as of a few minutes ago, we are a public project at https://hackerone.com/impresscms
Feel free to post any security related issues there so we can monitor them more easily.
This Post was from: https://www.impresscms.org/iforum/viewtopic.php?topic_id=5899&post_id=50716