diff --git a/data/web/inc/header.inc.php b/data/web/inc/header.inc.php
index 79078554..533711de 100644
--- a/data/web/inc/header.inc.php
+++ b/data/web/inc/header.inc.php
@@ -99,7 +99,7 @@
           <?php
           foreach ($MAILCOW_APPS as $app):
           ?>
-            <li><a href="<?= $app['link']; ?>"><?= $app['name']; ?></a></li>
+            <li title="<?= htmlspecialchars($app['description']); ?>"><a href="<?= htmlspecialchars($app['link']); ?>"><?= htmlspecialchars($app['name']); ?></a></li>
           <?php
           endforeach;
           ?>
diff --git a/data/web/inc/vars.inc.php b/data/web/inc/vars.inc.php
index c986133a..f2d09c5c 100644
--- a/data/web/inc/vars.inc.php
+++ b/data/web/inc/vars.inc.php
@@ -42,11 +42,13 @@ $PASSWD_REGEP = '.{4,}';
 $MAILCOW_APPS = array(
   array(
     'name' => 'SOGo',
-    'link' => '/SOGo/'
+    'link' => '/SOGo/',
+    'description' => 'SOGo is a web-based client for email, address book and calendar.'
   ),
   // array(
     // 'name' => 'Roundcube',
-    // 'link' => '/rc/'
+    // 'link' => '/rc/',
+    // 'description' => 'Roundcube is a web-based email client.',
   // ),
 );
 
@@ -60,4 +62,4 @@ $LOG_PAGINATION_SIZE = 30;
 $SESSION_LIFETIME = 3600;
 
 // Label for OTP devices
-$OTP_LABEL = "mailcow UI";
\ No newline at end of file
+$OTP_LABEL = "mailcow UI";
diff --git a/data/web/index.php b/data/web/index.php
index 2bc6e570..3202fb5b 100644
--- a/data/web/index.php
+++ b/data/web/index.php
@@ -69,7 +69,7 @@ $_SESSION['return_to'] = $_SERVER['REQUEST_URI'];
           <?php
           foreach ($MAILCOW_APPS as $app):
           ?>
-            <a href="<?= $app['link']; ?>" role="button" class="btn btn-lg btn-default"><?= $app['name']; ?></a>&nbsp;
+            <a href="<?= htmlspecialchars($app['link']); ?>" role="button" title="<?= htmlspecialchars($app['description']); ?>" class="btn btn-lg btn-default"><?= htmlspecialchars($app['name']); ?></a>&nbsp;
           <?php
           endforeach;
           ?>