in a related thread at ubbthreads support forum i raised the question about security issues with ubbt, mainly cross site scripting.
see for more details: http://www.technicalinfo.net/papers/CSS.html

does anybody know if this is relevant to ubbt (i'd guess: yes), and does anybody know a fool-proof way of disabling anything of that kind?

I'm not sure I follow your question or the issue specifically - but as long as you aren't allowing HTML in posts - there are many filters to catch the use of HTML in various places.

Short of redoing the routines in threads that allow and disallow, I don't know of any.