> This is something that could easily occur with scripting languages, backend systems, open source, closed source, etc. Basically any black-box system that takes in some input could pre-manipulate the input yielding an unknown/unexpected output.

IMO thats why it's a scary attack. It's a really simple idea and there are so many ways to apply it