`There is an XSS vulnerability in roundcube webmail:
Btw, we've been posting 0-day XSS vulnerabilities at
http://sla.ckers.org/forum/list.php?3 to take it out of the full
disclosure list since lots of people don't want to see the sheer volume
of reports. We've got close to a thousand companies and counting.
We're just trying to cut down on the noise to people's inboxes. That is