Code injections: code injected into user forms; often seen is SQL/LDAP; often used to compromise
the integrity of our data. Our countermeasures should include: only allowing users to input
appropriate data into the fields - only letters in names, numbers in phone number, dropdowns for
country and state (if applicable); we limit how many characters people can use per cell, etc.