Description
This script is possibly vulnerable to LDAP Injection attacks.
Lightweight Directory Access Protocol (LDAP) is an open-standard protocol for both querying and manipulating X.500 directory services. When a web application fails to properly sanitize user-supplied input, it is possible for an attacker to alter the construction of an LDAP statement.
Remediation
Your script should filter metacharacters from user input.
References
Related Vulnerabilities
Apache 2.2.14 mod_isapi Dangling Pointer
Apache Traffic Server Improper Input Validation Vulnerability (CVE-2017-7671)
Jboss EAP Improper Input Validation Vulnerability (CVE-2014-0034)
SharePoint Improper Input Validation Vulnerability (CVE-2011-1989)
ZenCart Improper Input Validation Vulnerability (CVE-2009-4321)