Translations:Security checklist for developers/36/en

it's easier to put arbitrary strings into text processed by regular expressions, which – when combined with the $1 pattern modifier – can lead to code injection attacks.