Not really sure there is no information on what they say the issue is
I am not sure why they classify the date field as a cross site security issue. This is not a field users in anyway input data too. It is only used internally by the program to enter the date a product or review is uploaded. It can only be an integer and is defined totally in the program by this line Cross-site scripting - Wikipedia, the free encyclopedia
I would like to see examples of what they mean here. The date field is filled in by a line in the software not an external field
Content visible to verified customers only.