Titan Internet multiple XSS

I've attempted to make them aware of the the multiple (11) XSS that are confirmed active on their hosting site, which include the transactional parts of the website including billing. I did disclose this to them over 4 days ago with no answer.

This is a claim from their 'vulnerability scan'.

  • 'On September 14, 2011 secure-gateway.titaninternet.co.uk met the PCI data security requirements by passing a SecurityMetrics® Site Certification vulnerability scan.'

If you're a customer of this hosting company i would ask you to question whether they are conscious of this & what steps they are doing to protect the data they are holding.