Horde Vacation Remote Cross-Site Scripting Vulnerability

Horde Vacation Remote Cross-Site Scripting Vulnerability

Solution:
The vendor has released an upgrade dealing with this issue.

Gentoo Linux has released advisory GLSA 200505-01 to address this, and other issues. Users of affected packages are urged to execute the following commands with superuser privileges:
All Horde users should upgrade to the latest version:
emerge --sync
emerge --ask --oneshot --verbose ">=www-apps/horde-2.2.8"
All Horde Vacation users should upgrade to the latest version:
emerge --sync
emerge --ask --oneshot --verbose ">=www-apps/horde-vacation-2.2.2"
Please see the referenced advisory for further information.

Horde Vacation 2.0

Horde Vacation 2.2.2
http://www.horde.org/vacation/download/

Horde Vacation 2.1

Horde Vacation 2.2.2
http://www.horde.org/vacation/download/

Horde Vacation 2.2

Horde Vacation 2.2.2
http://www.horde.org/vacation/download/

Horde Vacation 2.2.1

Horde Vacation 2.2.2
http://www.horde.org/vacation/download/