The remote host is vulnerable to an HTML injection attack.
The remote host is running Mailreader, a web-based application which can be used to read email. This version of Mailreader is vulnerable to a remote HTML injection flaw. An attacker exploiting this flaw would need to be able to convince a Mailreader user to open a malicious email. Successful exploitation would result in the client running code within their browser that would seem to be originating from the Mailreader server.
Upgrade to version 2.3.36 or higher.