Hacker News

cxr, 11/21/2024

What can it do? The only thing that prevents that is the programmer knowing what kinds of inputs they're dealing with and making sure unsafe input is properly escaped into safe input when the context calls for escaped input. There's no getting around this.