Just before the first major new release of Cuyahoga we released an update for Cuyahoga 1.0. The main reason for this release is a security issue that was found in FCKeditor where it was possible for unauthorized users to upload files.
Many thanks to Dieu Quan for mentioning the issue.
A complete overview of the fixes can be found in the
Release notes. You can download the source or binary packages from
here.
To just fix the FCKeditor security issue, get
this Web.config file and place it in the /Support/FCKeditor/editor/filemanager/ directory of your web site. This Web.config file ensures that only authenticated users with the Administrator or Editor role can view and upload files with FCKeditor.
It's highly recommended to upgrade to the new version or apply the Web.config fix!