Are you ready to switch to HTML parsing permanently?

Poll results (78 votes, 2010-04-14 00:49):
83.3% (65 votes)
1.3% (1 vote)
15.4% (12 votes)

Forums / Cotonti / Development / Poll: A global switch to HTML parsing

Are you ready?

GHengeveld
#24105 2010-04-14 21:00
donP:
In the tinyMCE documentation wiki there are some methods to secure from XSS attack: for example, creating textareas with JavaScript itself, so nobody can disable JavaScript in his own browser while trying to bypass security restrictions in editor configuration.
You can still send a manual POST containing malicious HTML (through a custom HTTP request), so Javascript can still be bypassed.
TinyMCE Documentation:
You have a pretty secure installation of TinyMCE. Unfortunately, all of this can be bypassed. Therefore, you need to create a secure backend, in our case, we are using PHP. Your destination script should filter out all the same baddies that TinyMCE does. This is duplication of effort, but it is needed.

donP:
I vote for CKeditor (Koradhil: it also has good table support like tinyMCE)
As far as I know, there is no option to insert new rows or columns in the middle of an existing table (or even add rows at the end) in FCK / CKeditor.
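The point GHengeveld makes above (editor-side restrictions are irrelevant to a hand-crafted POST, so the backend must re-apply the same tag and attribute filter) can be shown with a small server-side allowlist sanitizer. This is an added illustration, not Cotonti's code and not TinyMCE's PHP example; it is written in Python for clarity, and the allowlist below is an assumption that would in practice be kept in step with the editor's configuration (for TinyMCE, its valid_elements setting). The sample "submitted" fragment is constructed.

```python
import html
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumed allowlist: tag -> attributes permitted on it. Everything else is dropped.
ALLOWED_TAGS = {
    "p": set(), "br": set(), "b": set(), "i": set(), "strong": set(), "em": set(),
    "ul": set(), "ol": set(), "li": set(),
    "a": {"href"},
    "table": set(), "tr": set(), "td": {"colspan"}, "th": {"colspan"},
}
VOID_TAGS = {"br"}                    # no closing tag is emitted for these
DROP_CONTENT_TAGS = {"script", "style"}  # tag AND its text are discarded
SAFE_URL_SCHEMES = {"", "http", "https", "mailto"}  # "" = relative link


def safe_href(value):
    """Reject javascript:, data: and any other scheme not in the allowlist."""
    try:
        scheme = urlsplit(value.strip()).scheme.lower()
    except ValueError:
        return False
    return scheme in SAFE_URL_SCHEMES


class AllowlistSanitizer(HTMLParser):
    """Re-serialises only allowlisted tags/attributes; text is always escaped."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.out = []
        self.skip_depth = 0  # > 0 while inside <script>/<style>

    def handle_starttag(self, tag, attrs):
        if tag in DROP_CONTENT_TAGS:
            self.skip_depth += 1
            return
        if self.skip_depth or tag not in ALLOWED_TAGS:
            return  # unknown tag (e.g. <img onerror=...>): drop it, keep any text
        kept = []
        for name, value in attrs:
            if name not in ALLOWED_TAGS[tag] or value is None:
                continue  # drops every on* handler and any unlisted attribute
            if name == "href" and not safe_href(value):
                continue
            if name == "colspan" and not value.isdigit():
                continue
            kept.append(f' {name}="{html.escape(value, quote=True)}"')
        self.out.append(f"<{tag}{''.join(kept)}>")

    def handle_startendtag(self, tag, attrs):
        self.handle_starttag(tag, attrs)

    def handle_endtag(self, tag):
        if tag in DROP_CONTENT_TAGS:
            if self.skip_depth:
                self.skip_depth -= 1
            return
        if self.skip_depth or tag not in ALLOWED_TAGS or tag in VOID_TAGS:
            return
        self.out.append(f"</{tag}>")

    def handle_data(self, data):
        if not self.skip_depth:
            self.out.append(html.escape(data, quote=False))


def sanitize(fragment):
    """Filter an HTML fragment on the server, regardless of what the editor allowed."""
    parser = AllowlistSanitizer()
    parser.feed(fragment)
    parser.close()
    return "".join(parser.out)


# Constructed example of a body submitted directly, bypassing the editor entirely.
SUBMITTED = ('<p onclick="steal()">Hi <b>there</b></p><script>alert(1)</script>'
             '<a href="javascript:alert(1)">x</a><a href="https://example.org/">ok</a>'
             '<img src=x onerror=alert(1)> &lt;3')

if __name__ == "__main__":
    print(sanitize(SUBMITTED))
```

Running the script on the constructed body leaves `<p>Hi <b>there</b></p><a>x</a><a href="https://example.org/">ok</a> &lt;3`: the event handler, the script block, the javascript: link target and the img element are all gone, while the harmless markup and the already-escaped text survive. This minimal version does not repair unbalanced or badly nested tags, which a production filter (HTML Purifier, in the PHP world) also has to do.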