# LDAP Injection

- ID: go-ldap-injection
- Severity: HIGH
- CWE: LDAP Injection (CWE-90)
- Languages: Go

## Description

Detects user input flowing to LDAP queries without proper escaping.

## Remediation

Use ldap.EscapeFilter to sanitize user input before including in LDAP filters.

```go
escaped := ldap.EscapeFilter(username)
filter := fmt.Sprintf("(uid=%s)", escaped)
```

Learn more: https://shoulder.dev/learn/go/cwe-90/ldap-injection

## Related Rules

- **LDAP Injection** [HIGH]: 
- **LDAP Injection** [HIGH]: