I am about to let some users publish articles on my site.

To make it easier for them, I was thinking of using a CKeditor, let them have links, images, formating, etc ...

However I was thinking of javascript. Can someone inject javascript or will CKeditor clean it up? Do I need my own filtering?

Content submitted by the user should always be checked, even if an application like CKeditor generates valid code. You can use HTMLPurifier for serverside sanitizing.