Cross-site scripting (XSS) vulnerability in VUBB alpha rc1 allows remote attackers to inject arbitrary web script or HTML via unspecified fields in the user edit profile.
https://exchange.xforce.ibmcloud.com/vulnerabilities/24353
http://pridels0.blogspot.com/2005/11/vubb-forum-sql-and-xss-vuln.html