Severity: Low

Description: The saveBusinessUnit action contains a deleteAllowedMsg input field, which is not validated properly. The saveBusinessUnit action does not need this parameter and has no impact on functionality. The parameter has been removed in SAS^® Fraud Management 6.2 Hot Fix 4.

Potential Impact: When user input is not thoroughly checked, attackers can manipulate it by entering unexpected or malicious data. This manipulation can bypass security measures and lead to code execution vulnerabilities or unauthorized system access.