Emilio Pinna discovered a cross site scripting vulnerability in the
spellchecker.php page of FCKeditor, a popular HTML/DHTML editor for the web.
For the stable distribution (squeeze), this problem has been fixed in
version 1:2.6.6-1squeeze1.
For the testing distribution (wheezy), this problem has been fixed in
version 1:2.6.6-3.
For the unstable distribution (sid), this problem has been fixed in
version 1:2.6.6-3.
We recommend that you upgrade your fckeditor packages.