...
Logging unsanitized user input can also result in leaking sensitive data across a trust boundary or storing sensitive data. For example, an attacker might inject a script into the log file such that, if viewed using a web browser, could provide the attacker with a copy of the operator/administrator's cookie so that he might gain access as that user. See IDS00-J. Sanitize untrusted data passed across a trust boundaryPrevent SQL Injection for more details on input sanitization.
...
...