Security XenForo 1.4.9 Cross Site Scripting July 27, 2015 007admin XenForo versions 1.4.9 and below suffer from a cross site scripting vulnerability.