Vulnerability within a website that allows you to run Javascript code
Can plant code and make others that visit the site run the JS
SQL code submitted as user input
Commonly utilizing 'always true' statements
'OR 1=1; -- [malicious SQL code]
'OR 1=1; -- DROP TABLE
Most cases of attacks have a one point of entry, so SANITIZE YOUR USER INPUT
Never trust the user to use your site correctly
Fuel escapes many tags and SQL code automatically, but it doesn’t hurt to use the Security class for cleaning direct user input!