I run FCKEDITOR 6.x-2.3 on a drupal 6 website, a bunch of hacker team worked to see if there is any security issue on website and they found some vulnerabilities with FCKEDITOR, an anonymous user can upload files to the server using some uploader like this one to the server.
for an anonymouse user I can access direcotries such as:
to upload my uploader file. is there a way to fix it? or I should forget about using FCKEDITOR or any other wysiwyg editors?