Gentoo Linux Security Advisory GLSA 200802-03 - Ulf Harnhammar, Secunia Research discovered that the frame and frameset HTML tags are not properly filtered out. He also reported that certain HTTP requests are executed without being checked. Versions less than 4.1.6 are affected.
657780bafc3c14c287fde088770ac4afa98d98845d94b35a85ef7705bdfed87d
Debian Security Advisory 1470-1 - Ulf Harnhammer discovered that the HTML filter of the Horde web application framework performed insufficient input sanitising, which may lead to the deletion of emails if a user is tricked into viewing a malformed email inside the Imp client.
7185ff7fa0b15d8ff382bf5c4303a3de0e325a2fd3fb8403ecef44ad72ce543f