Horde · Horde · CVE-2005-3759
**Name of the Vulnerable Software and Affected Versions**
Horde versions prior to 3.0.7
**Description**
The issue allows remote attackers to inject arbitrary web script or HTML via the `gzip/tar` and `css` MIME viewers. These viewers do not filter or escape dangerous HTML when extracting and displaying attachments.
**Recommendations**
For versions prior to 3.0.7, update to version 3.0.7 or later to resolve the issue.