A bug in Apple s standalone mail client for iOS and OSX could allow an attacker to load external HTML and make it easy to carry out convincing phishing attacks on unsuspecting users. Jan Sou..ek, a researcher based in Prague, Czech Republic, found the bug and reported it to Apple earlier this year. After five months of radio silence and several software updates that failed to address the bug, he decided over the weekend it was time to post proof of concept code for the issue.
Source: https://threatpost.com/mail-bug-on-ios-osx-opens-door-to-phishing-attacks/113247/