An issue exists in the Users (aka Front-end user management) plugin 1.4.5 for October CMS. XSS exists in the name field.
user project user 1.4.5