CVE-2007-1515

Multiple cross-site scripting XSS vulnerabilities in Horde IMP H3 4.1.3, and possibly earlier, allow remote attackers to inject arbitrary web script or HTML via 1 the email Subject header in thread.php, 2 the editquery parameter in search.php, or other unspecified parameters in search.php. NOTE:...