My site has failed the security test from [url removed, login to view] for a possible XSS issue, so I need an experienced PHP guy to look at the store.
It's OSCmax with 2 more contribs installed. I need a thorough cleanup, not just a grade to pass for compliance, and also to make sure everything works with "GLOBAL off". I know there is a ready-made contrib for it, but I would prefer someone to actually look for it and modify the code so that it all works without globals.
Test domain is [url removed, login to view]