Lightweight Directory Access Protocol (LDAP) injection


LDAP is a protocol that lets applications talk to directory service servers, which store user IDs, passwords, and computer accounts. When an application accepts user input and executes it as part of an LDAP request, attackers can exploit the LDAP server by sending malicious requests.

Some examples of LDAP coding issues include:

  • Excessive access privileges assigned to LDAP accounts
  • Lack of output regulation
  • Inability to perform dynamic checks
  • Lack of static source code analysis
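
The risk described above, shown as an added example that is not code from the original page: a search filter built by string concatenation next to one that escapes the value per RFC 4515. The filter template, the uid attribute and the sample inputs are constructed assumptions.

```python
# Added example: RFC 4515 escaping for values placed in an LDAP search filter.
# The filter template and the uid attribute are assumptions for illustration.

# Characters with special meaning inside a filter, mapped to their \XX escapes.
_FILTER_ESCAPES = {
    "\\": r"\5c",
    "*": r"\2a",
    "(": r"\28",
    ")": r"\29",
    "\x00": r"\00",
}

# The fixed template below contains exactly three opening parentheses.
TEMPLATE_OPEN_PARENS = 3


def escape_filter_value(value: str) -> str:
    """Escape a user-supplied value so the server treats it as literal data."""
    return "".join(_FILTER_ESCAPES.get(ch, ch) for ch in value)


def build_filter_unsafe(username: str) -> str:
    """Vulnerable pattern: input is concatenated into the filter as-is."""
    return "(&(objectClass=person)(uid=" + username + "))"


def build_filter_safe(username: str) -> str:
    """Hardened pattern: input is escaped before it reaches the filter."""
    return "(&(objectClass=person)(uid=" + escape_filter_value(username) + "))"


def structure_preserved(ldap_filter: str) -> bool:
    """True if the input added no parentheses or wildcards to the template."""
    return (
        ldap_filter.count("(") == TEMPLATE_OPEN_PARENS
        and ldap_filter.count(")") == TEMPLATE_OPEN_PARENS
        and "*" not in ldap_filter
    )


if __name__ == "__main__":
    # Constructed sample inputs: a plain name, a wildcard, a name with parentheses.
    for sample in ("alice", "*", "Smith (IT)"):
        unsafe, safe = build_filter_unsafe(sample), build_filter_safe(sample)
        print(f"{sample!r}: unsafe={unsafe} ok={structure_preserved(unsafe)}")
        print(f"{sample!r}: safe  ={safe} ok={structure_preserved(safe)}")
```

Escaping covers only the filter value; the excess-privilege item in the list above still calls for a least-privilege bind account.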