devpi-ldap icon indicating copy to clipboard operation
devpi-ldap copied to clipboard

Published 20 hours ago verified publisher icon devpi

Escape LDAP filter chars

Open stroeder opened this issue 6 years ago • 1 comments

Your module is prone to LDAP injection attacks. You should properly escape special LDAP filter chars in user's input probably in method LDAP._search().

stroeder avatar Jul 29 '18 12:07 stroeder

Help with this is appreciated. Especially raw example data which can be used in tests.

fschulze avatar Jul 29 '18 14:07 fschulze