Create a VuXML entry for Horde XSS help window vulnerability to replace

the portaudit-db entry.

ports-mgmt/portaudit-db/database/portaudit.txt

@@ -81,4 +81,3 @@ mpg123<=0.59r_13|http://secunia.com/advisories/12478 http://www.osvdb.org/9748 h
 imp<3.2.6|http://thread.gmane.org/gmane.comp.horde.imp/15488 http://cvs.horde.org/diff.php/imp/docs/CHANGES?r1=1.389.2.109&r2=1.389.2.111&ty=h|XSS hole in the HTML viewer - The script vulnerabilities can only be exposed with certain browsers and allow XSS attacks when viewing HTML messages with the HTML MIME viewer.|efc4819b-0b2d-11d9-bfe1-000bdb1444a4
 koffice<1.3.2_1,1|http://kde.org/info/security/advisory-20041021-1.txt|Multiple integer overflow and integer arithmetic flaws in imported xpdf code|ecf6713f-2549-11d9-945e-00e018f69096
 kdegraphics>=3.2.0<3.3.0_1|http://kde.org/info/security/advisory-20041021-1.txt|Multiple integer overflow and integer arithmetic flaws in imported xpdf code|6a04bf0e-254b-11d9-945e-00e018f69096
-horde<2.2.7|http://lists.horde.org/archives/announce/2004/000107.html|Potential XSS vulnerability in the help window.|ed1d404d-2784-11d9-b954-000bdb1444a4

security/portaudit-db/database/portaudit.txt

@@ -81,4 +81,3 @@ mpg123<=0.59r_13|http://secunia.com/advisories/12478 http://www.osvdb.org/9748 h
 imp<3.2.6|http://thread.gmane.org/gmane.comp.horde.imp/15488 http://cvs.horde.org/diff.php/imp/docs/CHANGES?r1=1.389.2.109&r2=1.389.2.111&ty=h|XSS hole in the HTML viewer - The script vulnerabilities can only be exposed with certain browsers and allow XSS attacks when viewing HTML messages with the HTML MIME viewer.|efc4819b-0b2d-11d9-bfe1-000bdb1444a4
 koffice<1.3.2_1,1|http://kde.org/info/security/advisory-20041021-1.txt|Multiple integer overflow and integer arithmetic flaws in imported xpdf code|ecf6713f-2549-11d9-945e-00e018f69096
 kdegraphics>=3.2.0<3.3.0_1|http://kde.org/info/security/advisory-20041021-1.txt|Multiple integer overflow and integer arithmetic flaws in imported xpdf code|6a04bf0e-254b-11d9-945e-00e018f69096
-horde<2.2.7|http://lists.horde.org/archives/announce/2004/000107.html|Potential XSS vulnerability in the help window.|ed1d404d-2784-11d9-b954-000bdb1444a4

security/vuxml/vuln.xml

@@ -32,6 +32,34 @@ EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
 -->
 <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
+  <vuln vid="ed1d404d-2784-11d9-b954-000bdb1444a4">
+    <topic>horde -- cross-site scripting vulnerability in help
+      window</topic>
+    <affects>
+      <package>
+        <name>horde</name>
+	<name>horde-devel</name>
+        <range><lt>2.2.7</lt></range>
+      </package>
+    </affects>
+    <description>
+      <body xmlns="http://www.w3.org/1999/xhtml">
+	<p>A Horde Team announcement states that a potential cross-site
+	  scripting vulnerability in the help window has been
+	  corrected.  The vulnerability appears to involve the handling
+	  of the <code>topic</code> and <code>module</code> parameters
+	  of the help window template.</p>
+      </body>
+    </description>
+    <references>
+      <mlist msgid="20041026115303.10FBEC046E@neo.wg.de">http://marc.theaimsgroup.com/?l=horde-announce&amp;m=109879164718625</mlist>
+    </references>
+    <dates>
+      <discovery>2004-10-06</discovery>
+      <entry>2004-10-27</entry>
+    </dates>
+  </vuln>
+
   <vuln vid="f4428842-a583-4a4c-89b7-297c3459a1c3">
     <topic>bogofilter -- RFC 2047 decoder denial-of-service vulnerability</topic>
     <affects>