MailEnable prior to 8.60 allows Stored XSS via malformed use of "<img/src" with no ">" character in the body of an e-mail message.
mailenable mailenable