LDAP - Critical - Data Injection - SA-CONTRIB-2017-052
The LDAP module does not sanitize user input correctly in several cases, allowing a user to modify parameters without restriction and inject data. If the site administrator chooses to hide the email or password from the user form instead of showing or disabling it under "Authorization", these...