Hello

This is Xss in the old versions and html injection in the new versions of xmb forums ..

Discovered By : HACKERS PAL

injected file
u2u.php 

as the below
u2u.php?action=send&username=|Html Injection OR XSS

Thanks ,,