SUSE CVE-2005-3759

Multiple cross-site scripting XSS vulnerabilities in Horde before 3.0.7 allow remote attackers to inject arbitrary web script or HTML via the 1 gzip/tar and 2 css MIME viewers, which do not filter or escape dangerous HTML when extracting and displaying attachments...