The product does not validate any query towards persistent data, resulting in a risk of injection attacks.
Related posts