*  Fixed incorrect user count leading to empty last page of user list.
*  Fixed XSS vulnerability involving "redirect_url".
*  Fixed XSS vulnerability involving URL BBCode (only affects Internet
   Explorer users).