Multiple vulnerabilities have been identified in Horde
Application Framework, which may be exploited by attackers
to execute arbitrary scripting code. These flaws are due
to input validation errors in the "test.php" and
"templates/problem/problem.inc" scripts that do not
validate the "url", "name", "email", "subject" and
"message" parameters, which could be exploited by
attackers to cause arbitrary scripting code to be executed
by the user's browser in the security context of an
affected Web site.