|Alert Type||Active Scan Rule|
LDAP Injection may be possible. It may be possible for an attacker to bypass authentication controls, and to view and modify arbitrary data in the LDAP directory.
SolutionValidate and/or escape all user input before using it to create an LDAP query. In particular, the following characters (or combinations) should be blacklisted: & | ! < > = ~= >= <= * ( ) , + - ' ' ; / NUL character