Cross site scripting
Thanks, that fixed the SQL injection but now the scan is finding a cross site scripting error. I have to make this PCI compliant before handing it over to the client. I have not changed or added to any of the php. The only changes I have made to the site have all been on the CSS files. Help please.