CKEditor and FCKeditor modules in Drupal versions 6.x and 7.x suffer from PHP code execution, cross site request forgery, and cross site scripting vulnerabilities.
aaa6ea9e677ff1cded922b9064a43bda0cfc2a65959bfa6b93813933823bdbd6
Drupal FCKEditor/CKEditor module remote PHP code execution exploit.
9e74376ea72715e60cb7ca770018968f4efbcf2157614024104a526a99df39c9