CVE-2021-29399
XMB is vulnerable to cross-site scripting (XSS) due to inadequate filtering of BBCode input. This bug affects all versions of XMB. All XMB installations must be updated to versions 1.9.12.03 or 1.9.11.16.
Date published : 2021-04-19
https://docs.xmbforum2.com/index.php?title=Security_Issue_History