CVE-2019-0218

A vulnerability was discovered wherein a specially crafted URL could enable reflected XSS via JavaScript in the pony mail interface.
Source: NIST
CVE-2019-0218