A1 Injection: Can be any code injected into user forms; often seen is SQL/LDAP. Attackers can do
this because our software does not use the following: strong enough input validation and data type
limitations on input fields; input length limitations. The fix is to do just that; we only allow
users to input appropriate data into the fields, only letters in names, numbers in phone number,
have dropdowns for country and state (if applicable), we limit how many characters people can use
per cell, etc.