Debian Security Advisory 1519-1 - It was discovered that the Horde web application framework permits arbitrary file inclusion by a remote attacker through the theme preference parameter.
8aea956be722bc6e913c627aa8a53df918f3a96617a8147c3806e747e4223c0b