Hi,
XSS inclusion is to type some javascript code or HTML code in the URL and that code would be print directly in the page.
HikaShop replace critical tags by non HTML symbols like "<" to "<". That's all.
There is no base changing or what ever. If you but "<strong>mytext</strong>" in the URL and you see your text in bold in your page, that's a breach. Otherwise, it's secured.
With tabber, you can do it. With Joomla and HikaShop you can't.
If you want to know more about XSS, you can read the wikipedia page which is quite complete
en.wikipedia.org/wiki/Cross-site_scripting
Regards,
Jerome - Obsidev.com
HikaMarket & HikaSerial developer / HikaShop core dev team.
Also helping the HikaShop support team when having some time or couldn't sleep.
By the way, do not send me private message, use the "contact us" form instead.
HIKASHOP ESSENTIAL 60€The basic version. With the main features for a little shop.
HIKAMARKETAdd-on Create a multivendor platform. Enable many vendors on your website.
HIKASERIALAdd-on Sale e-tickets, vouchers, gift certificates, serial numbers and more!
MARKETPLACEPlugins, modules and other kinds of integrations for HikaShop
