Ubuntu Security Notice USN-201-1 – Several Cross Site Scripting vulnerabilities were discovered in SqWebmail. A remote attacker could exploit this to execute arbitrary JavaScript or other active HTML embeddable content in the web browser of an SqWebmail user by sending specially crafted emails to him.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/40629/USN-201-1.txt
Source: https://packetstormsecurity.com/files/40629/Ubuntu-Security-Notice-201-1.html