Please see exact security email sent to security list (newsletter) here to assert your personal risk factor:
Security Advisory for obsolete CB 1.1
What's really urgent, vulnerability exploit or not anyway, is, if you don't have that on a regular base, is to
backup your CB 1.0/1.1 site on a daily basis, or now at least, and have that backup
off-website at your home or office. JoomlaBackup is a joomla component to do that if your hoster doesn't provide you such a function.
This is anyways step 0 of upgrade instructions.
Then at least you can sleep well until you have time to update (as soon as possible).
As said, all CB 1.2 are ok (do not have that vulnerability), and are released since 6 months. obsoleting CB 1.1 since then.
Also for ugrading, follow the README_UPGRADE.txt which is in the zip. Upgrades are simple and smooth (unless you hacked your site instead of doing it in plugins). Please read that file in detail, it's the reference and detailed step by step.
In fact, easiest is expert upgrade, as you don't have to reinstall plugins... Well prepared, it's only a couple of minutes.
(of course the upgraded full documentation of Nick for CB 1.2 (see side-column) will help you lots in using the nice new features of CB 1.2.1
)