in reply to Re^2: Form Parameters
in thread Form Parameters

This has the risk that the user could construct an HTTP request that included data for fields not in the form sent by the server. Depending on what is done with the data, this could, for example, allow someone to edit a field that users aren't supposed to be able to edit.

So if this technique is used, it is important to be aware of potential security issues and include protection against them.
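
One form such protection can take, as an added example that is not part of the original post: check every submitted parameter against an allowlist of the fields the server actually put in the form, and copy only those into the record. The field names, validation patterns and sample request are hypothetical and constructed for illustration.

```perl
use strict;
use warnings;

# Fields the server actually put in the form, each with a validation pattern.
# Field names and patterns are hypothetical.
my %ALLOWED = (
    display_name => qr/\A[\w .'-]{1,64}\z/,
    email        => qr/\A[^\s\@]+\@[^\s\@]+\.[^\s\@]+\z/,
    bio          => qr/\A[^\x00-\x08\x0B\x0C\x0E-\x1F]{0,500}\z/,
);

# Takes a hash ref of submitted parameters (name => scalar, or array ref
# when a name was sent more than once). Returns (\%accepted, \@rejected).
sub filter_params {
    my ($submitted) = @_;
    my (%accepted, @rejected);
    for my $name (sort keys %$submitted) {
        my $value = $submitted->{$name};
        if (!exists $ALLOWED{$name}) {
            push @rejected, "$name: not a field in this form";
        }
        elsif (ref $value) {
            push @rejected, "$name: sent more than once";
        }
        elsif (!defined $value || $value !~ $ALLOWED{$name}) {
            push @rejected, "$name: value failed validation";
        }
        else {
            $accepted{$name} = $value;
        }
    }
    return (\%accepted, \@rejected);
}

# Constructed request: two legitimate fields plus two the form never offered.
my %request = (
    display_name => 'Martin',
    email        => 'martin@example.org',
    is_admin     => '1',
    user_id      => '42',
);

my ($ok, $bad) = filter_params(\%request);
my %record = (user_id => 7, is_admin => 0);   # server-side values, not form data
@record{ keys %$ok } = values %$ok;           # only allowlisted fields are applied

print "applied:  $_=$record{$_}\n" for sort keys %record;
print "rejected: $_\n"            for @$bad;
```

The rejected list is worth logging server-side, since a field name that was never in the form means the request was built by hand.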

Re^4: Form Parameters
by marto (Cardinal) on Aug 04, 2006 at 16:54 UTC
    Hi dorward,

    Thanks for pointing out this issue, something that I had not thought about.

    Martin