Hello This is Xss in the old versions and html injection in the new versions of xmb forums .. Discovered By : HACKERS PAL injected file u2u.php as the below u2u.php?action=send&username=|Html Injection OR XSS Thanks ,,