Does exported webflow forms employ any kind of validation to prevent XXS?

I am self hosting a webflow created site

I have a contact form that submits a POST to a separate PHP script living on my server.
That php script takes the POST arguments and in turn mails that to my primary email address.

Is it necessary to do any sort of validation of the form data before it leaves the contact page? Or can I simply validate it on the custom php script only?