We would like to inform you that an update to FCKeditor has just been released. This is a security release that contains a fix for two recently reported issues:
- (ASP) File Upload Protection Bypass - reported by Soroush Dalili (@irsdl), Mostafa Azizi
- XSS vulnerability in built-in file manager - reported by Soroush Dalili (SecProject.com)
Also in this version the detection of IE10 and Firefox17+ has been fixed.
Please note FCKeditor is a retired and no longer supported product. No further updates will be provided and it is highly recommended to upgrade to its successor, CKEditor, that is a far superior, feature-rich and mature product.