A security exploit within the FCKEditor’s php connector has prompted a new release of Geeklog to address this issue.
Apparently this flaw allows for malware to end up being hosted on some Geeklog powered sites by using this exploit. As a result, this new version is available to resolve.
“Geeklog 1.6.0sr2 is now available for download and ships with a much more restrictive configuration for uploads through FCKeditor. There’s also an archive to upgrade from 1.6.0sr1 and an updated version of the drop-in FCKeditor replacement for older Geeklog versions.”