Are there any security risks to passing a query directly to Solr without doing any sort of escaping? I am using URL encoding, so '&' and such are being encoded into their %XX equivalents.
Still, should I be doing anything else? Is there such a thing as a Solr-injection attack? Thanks, Micah
