Lack of Input Validation

• Most common among Web applications.

• This can often lead to serious breaches in the security model.

  • XSS
  • Allowing arbitrary queries into the backend database.