An unauthenticated remote attacker can perform a log injection due to improper input validation. Only a certain log file is affected.