--- horde-2.2.8/lib/Horde.php	2004-10-25 17:59:15.000000000 +0200
+++ horde-2.2.9/lib/Horde.php	2005-11-13 12:48:32.000000000 +0100
@@ -234,7 +234,7 @@
 
         $errortext = _("<b>A fatal error has occurred:</b>") . "<br /><br />\n";
         if (is_object($error) && method_exists($error, 'getMessage')) {
-            $errortext .= $error->getMessage() . "<br /><br />\n";
+            $errortext .= htmlspecialchars($error->getMessage()) . "<br /><br />\n";
         }
         $errortext .= sprintf(_("[line %s of %s]"), $line, $file);