diff --git a/phpBB/docs/CHANGELOG.html b/phpBB/docs/CHANGELOG.html
index bc12cce8aa..6a7e348392 100644
--- a/phpBB/docs/CHANGELOG.html
+++ b/phpBB/docs/CHANGELOG.html
@@ -69,11 +69,13 @@ p,ul,td {font-size:10pt;}
 <ul>
 <li>[Fix] corrected index on session keys table under MS SQL</li>
 <li>[Fix] added session keys table to backup</li>
+<li>[Fix] delete session keys entries when deleting user</li>
 <li>[Fix] changes to support MySQL 5.0</li>
 <li>[Fix] changes to some of the admin files to improve efficiency and remove a potential error condition when building the menu (cxib)</li>
 <li>[Fix] change truncation of username length in usercp_register.php - BFUK</li>
 <li>[Fix] incorrect path to avatars in admin_users.php (Bug #667)</li>
 <li>[Fix] fixed get_userdata to support correct sql escaping (non-mysql dbs) - jarnaez</li>
+<li>[Sec] fixed XSS issue in IE within the url bbcode</li>
 </ul>
 
 
diff --git a/phpBB/includes/bbcode.php b/phpBB/includes/bbcode.php
index f8ba2720e3..f57bc7a394 100644
--- a/phpBB/includes/bbcode.php
+++ b/phpBB/includes/bbcode.php
@@ -200,11 +200,11 @@ function bbencode_second_pass($text, $uid)
 	$replacements[] = $bbcode_tpl['img'];
 
 	// matches a [url]xxxx://www.phpbb.com[/url] code..
-	$patterns[] = "#\[url\]([\w]+?://[\w\#$%&~/.\-;:=,?@\[\]+]*?)\[/url\]#is";
+	$patterns[] = "#\[url\]([\w]+?://([\w\#$%&~/.\-;:=,?@\]+]|\[(?!url=))*?)\[/url\]#is";
 	$replacements[] = $bbcode_tpl['url1'];
 
 	// [url]www.phpbb.com[/url] code.. (no xxxx:// prefix).
-	$patterns[] = "#\[url\]((www|ftp)\.[\w\#$%&~/.\-;:=,?@\[\]+]*?)\[/url\]#is";
+	$patterns[] = "#\[url\]((www|ftp)\.([\w\#$%&~/.\-;:=,?@\]+]|\[(?!url=))*?)\[/url\]#is";
 	$replacements[] = $bbcode_tpl['url2'];
 
 	// [url=xxxx://www.phpbb.com]phpBB[/url] code..