security risks allowing link setting by users

I am setting up a semi-public input environment - easiest to think in terms of a forum - and wonder about the security risks allowing users to add href links.

I see this forum allows that.
I figure even if BBCode is the interface the posting is still a live URL.

XSS - js injection (I'm trying to sound intelligent here :rolleyes:)

Perhaps totally a non-issue?
I will be interested to have you thoughts

There are no security risks to your site if you strip out any non-http(s) strings from the href attributes. The only security risks might be the link targets themselves (i. e. malicious websites) but this has nothing to do with the security of your site.

Thanks.
I am currently searching regex url validation.

For your site, I think you should install the security application for networking so that you can optimize the security system. Usually, this applications integrated with your system if you want to install it.