RainLoop, a widely used open-source webmail client, has been identified with a code vulnerability that allows attackers to steal sensitive information from users' inboxes. The vulnerability, a Stored Cross-Site Scripting (XSS) flaw, can be exploited by sending a maliciously crafted email to a victim who uses RainLoop as their mail client. It is caused by a logic bug in the sanitization of HTML code, the kind of defect that often goes unnoticed during security audits. An attacker can control attributes of the `<body>` tag and thereby inject user-controlled input into the rendered HTML, leading to potential security breaches. A patch has been developed by the authors but has not yet been officially released; in the meantime, users are advised to migrate to the SnappyMail fork or to apply an unofficial patch at their own risk. The vulnerability highlights the importance of proper sanitization and DOM tree object handling in web applications.
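As an added illustration of the defensive point above (this is example code, not RainLoop's or SnappyMail's sanitizer), the following allowlist sanitizer treats the `<body>` element like every other node, so attacker-controlled attributes on it are dropped instead of reaching the rendered DOM; the tag and attribute allowlists and the sample message are assumptions constructed for the example.

```python
"""Allowlist HTML sanitizer that does not exempt the root <body> element."""
from html.parser import HTMLParser
from html import escape

ALLOWED_TAGS = {"body", "p", "b", "i", "a", "br", "div", "span"}  # assumed allowlist
ALLOWED_ATTRS = {"a": {"href"}}          # <body> deliberately keeps no attributes at all
SAFE_HREF_SCHEMES = ("http://", "https://", "mailto:")
DROP_CONTENT_TAGS = {"script", "style"}  # element and its text are both discarded


class AllowlistSanitizer(HTMLParser):
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.out = []
        self.skip = False  # True while inside <script>/<style>

    def handle_starttag(self, tag, attrs):
        if tag in DROP_CONTENT_TAGS:
            self.skip = True
            return
        if tag not in ALLOWED_TAGS:
            return  # unknown element is dropped; its text is still kept
        kept = []
        for name, value in attrs:
            value = value or ""
            if name not in ALLOWED_ATTRS.get(tag, set()):
                continue  # removes on*, style, and every attribute on <body>
            if name == "href" and not value.lower().startswith(SAFE_HREF_SCHEMES):
                continue  # blocks javascript: and other non-allowlisted schemes
            kept.append(f' {name}="{escape(value, quote=True)}"')
        self.out.append(f"<{tag}{''.join(kept)}>")

    def handle_endtag(self, tag):
        if tag in DROP_CONTENT_TAGS:
            self.skip = False
        elif tag in ALLOWED_TAGS and tag != "br":
            self.out.append(f"</{tag}>")

    def handle_data(self, data):
        if not self.skip:
            self.out.append(escape(data))


def sanitize(html: str) -> str:
    parser = AllowlistSanitizer()
    parser.feed(html)
    parser.close()
    return "".join(parser.out)


# Constructed sample message: its <body> carries attributes the sender controls.
SAMPLE = ('<body onload="x()" class="a"><p>Hi</p><script>alert(1)</script>'
          '<a href="javascript:x()">l</a></body>')

if __name__ == "__main__":
    print(sanitize(SAMPLE))  # prints <body><p>Hi</p><a>l</a></body>
```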