Cross-site scripting (XSS) vulnerability in sCssBoard 1.11 and earlier allows remote attackers to execute arbitrary Javascript via [url] tags.
https://exchange.xforce.ibmcloud.com/vulnerabilities/20021
http://www.securityfocus.com/bid/13041
http://sourceforge.net/project/shownotes.php?release_id=318346