there is one mrbs contrib block for Moodle too. Anyway, the missing input validation has been fixed some hours ago in code: http://cvs.moodle.org/contrib/plugins/blocks/mrbs/web/