Debian Linux Security Advisory 2204-1 - Moritz Naumann discovered that imp4, a webmail component for the horde framework, is prone to cross-site scripting attacks by a lack of input sanitizing of certain fetchmail information.
75b794e01a93ab6397be645fef518b28fe0aa9ecf3b4f695da3b856403588466