Thanks for that info. I googled xss, and was still a little confused on what an xss vulnerability was.
Can I ask, how would I prevent an xss attack for this particular form?
It is an 'application' and there is no account. Users just submit their email / website info. There are no passwords. The form is at http://valueviewmedia.com/publishers/apply/