CVE-2006-0779
Cross-site scripting (XSS) vulnerability in u2u.php in XMB Forums 1.9.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the username parameter, as demonstrated using a URL-encoded iframe tag.
Date published : 2006-02-18
http://www.securityfocus.com/bid/16604
http://www.securityfocus.com/archive/1/425084/100/0/threaded