JoomlaFCK WYSIWYG editor for Joomla!

Due to a security vulnerably we are officially releasing 2.6.4.1 and HIGHLY RECOMMENDED upgrading to the latest stable version - click to download.

The vulnerabilities is found in all implementations of the FCKeditor before version 2.6.4.1. This allows remote attackers to create executable files in arbitrary directories via directory traversal sequences in the input to unspecified connector modules, as exploited in the wild for remote code execution in July 2009, related to the file browser and the editor/filemanager/connectors/ directory.

The good news is that the above has caused us to release before time and therefore includes some welcomed improvement that would otherwise not be available until August.

New Features:

• New Joomlalised dialog light-box skin - brings a professional & integrated look to the editor’s plug-ins.
• Spell Check on Save option - this feature was requested by one of our users on the forums about 3 weeks ago. By default this feature is OFF but can be applied in the plug-in parameters. 

Changes:

• Relative file path set as default.

Fixes:

• IMPORTANT SECURITY RELEASE - Multiple directory traversal vulnerabilities - Read more
• CSS import Stylesheet – fixed an issue when importuning attributes with speech marks in the font family style.
• Flash file plugin – fixed an issue when embedding flash files in absolute mode.
• Spell Check now supported in Safari 4.
• Fixes the browsers information tab.
• Yoo themes light-box gallery plug-in – the editor will allow for empty link tags in the code.

Our thanks:
We would like to thank those who have taken the time to comment on the forums and those who have taken the time to show your support on the Joomla Extension Directory.