Due to improper verification of packets, unencrypted packets containing application data are accepted after the initial handshake. This allows an attacker to inject arbitrary data which the client/server believes was encrypted, despite not knowing the session key.