The InputFilter::getInstance() method omitted a security sensitive parameter from the instance cache key.