What did they do when they hacked the editor? What was the result? What did they inject? Where did it appear? Please provide more information and we can look into it further.
The report you linked to implies that the most recent version, which is used in HTML editor, should not have these vulnerabilities.