Michael Marek discovered that the Horde web application framework performs insufficient input sanitising, which might lead to the injection of web script code through cross-site scripting. The old stable distribution (woody) does not contain horde3 packages. For the stable distribution (sarge) this problem has been fixed in version 3.0.4-4sarge4. For the unstable distribution (sid) this problem has been fixed in version 3.1.1-3. We recommend that you upgrade your horde3 package.
Michael Marek discovered that the Horde web application framework performs insufficient input sanitising, which might lead to the injection of web script code through cross-site scripting.
The old stable distribution (woody) does not contain horde3 packages.
For the stable distribution (sarge) this problem has been fixed in version 3.0.4-4sarge4.
For the unstable distribution (sid) this problem has been fixed in version 3.1.1-3.
We recommend that you upgrade your horde3 package.
MD5 checksums of the listed files are available in the original advisory.