https://blog.modpr0.be/2012/06/02/hexamail-server-4-4-5-persistent-xss-vulnerability/
Hexamail Server <= 4.4.5 Persistent XSS Vulnerability