Accepting user input in log files can result in log forging. For example, if a user enters carriage return and line feed (CRLF) sequences, it may be possible to break apart a legit legitimate log entry into two log entries. The second entry can be intentionally misleading, for instance, it may warn the administrator that a reboot is required to install critical security updates.
...