Data validation is one of the most effective ways to protect Web applications from attack. Ensuring only the data you expect is entered into a form or provided via some other input mechanism should be part of every organizations software development process. The recent Heartland Payment Systems breach is an example of what happens when you dont validate data. Web applications which allow any and all input, regardless of content, are simply not secure. These vulnerabilities, together with injection flaws, make up four of the top five vulnerabilities in the OWASP Top 10.”]
Source: https://www.csoonline.com/article/2137188/data-validation–ignore-it-and-you-lose.html