Italian Researcher Michele Spagnuolo recently revealed a serious vulnerability in the popular Mailbox iPhone app. The flaw occurs in the latest version of Mailbox (1.6.2) currently available from the App Store, that executes any Javascript which is present in the body of HTML emails. With exploitation of this vulnerability, users could be subject to account hijacking, spam and phishing attacks by opening an HTML email containing embedded javascript. iOS is tightly sandboxed, its security features are built with this functionality in mind and normally do not allow any potentially harmful operation to take place without user’s permission.
Source: https://thehackernews.com/2013/09/mailbox-iphone-app-vulnerability.html