Check whether the text field is allowing <tags> script tags.. If this is allowed then the hacker can pass any script in the textfield itself.. Then use filters in passing the variables through post...
Type: Posts; User: rodger; Keyword(s):
Check whether the text field is allowing <tags> script tags.. If this is allowed then the hacker can pass any script in the textfield itself.. Then use filters in passing the variables through post...