An attacker removes or disables filtering mechanisms on the target
						application. Input filters prevent invalid data from being sent to an
						application (for example, overly large inputs that might cause a buffer
						overflow or other malformed inputs that may not be correctly handled by an
						application). Input filters might also be designed to constrained executable
						content. For example, if an application accepts scripting languages as
						input, an input filter could constrain the commands received and block those
						that the application's administrator deems to be overly powerful. An output
						filter screens responses from an application or person in order to prevent
						disclosure of sensitive information. For example, an application's output
						filter might block output that is sourced to sensitive folders or which
						contains certain keywords. A data mask is similar to an output filter, but
						usually applies to structured data, such as found in databases. Data masks
						elide or replace portions of the information returned from a query in order
						to protect against the disclosure of sensitive information.