# LDAP Injection

- ID: python-ldap-injection
- Severity: HIGH
- CWE: LDAP Injection (CWE-90)
- Languages: Python
- Frameworks: django, flask, fastapi, pyramid, tornado

## Description

Detects LDAP queries constructed with unsanitized user input.

## Remediation

Escape LDAP special characters using `escape_filter_chars()`.

```python
from ldap3.utils.conv import escape_filter_chars
safe_username = escape_filter_chars(username)
```

Learn more: https://shoulder.dev/learn/python/cwe-90/ldap-injection
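
The flagged pattern beside the remediation described above, as an added example that is not part of the rule's own documentation: the same filter is built with and without `escape_filter_chars()` and the resulting filter structure is compared. The filter template, function names and sample inputs are assumptions made for illustration, and a small stand-in is used when ldap3 is not installed.

```python
try:
    from ldap3.utils.conv import escape_filter_chars
except ImportError:
    # Assumption: ldap3 is not installed; stand-in applying the RFC 4515
    # escapes for the filter metacharacters so the example runs offline.
    def escape_filter_chars(text):
        for ch, esc in (("\\", r"\5c"), ("*", r"\2a"), ("(", r"\28"),
                        (")", r"\29"), ("\x00", r"\00")):
            text = text.replace(ch, esc)
        return text

# Hypothetical filter template for a login lookup.
TEMPLATE = "(&(objectClass=person)(uid={}))"


def build_filter_unsafe(username):
    """Pattern the rule flags: user input placed directly in the filter."""
    return TEMPLATE.format(username)


def build_filter_safe(username):
    """Remediation: escape metacharacters before interpolation."""
    return TEMPLATE.format(escape_filter_chars(username))


def structure(ldap_filter):
    """Return (opening parens, closing parens, wildcards) in a filter.

    Escaped characters appear as \\XX hex pairs, so only literal
    metacharacters, the ones the LDAP server interprets, are counted.
    """
    return (ldap_filter.count("("), ldap_filter.count(")"),
            ldap_filter.count("*"))


BASELINE = structure(TEMPLATE.format("alice"))

# Constructed sample inputs: a normal name, a wildcard, and a value
# containing filter syntax.
SAMPLES = ["alice", "*", "x)(cn=*"]

if __name__ == "__main__":
    for value in SAMPLES:
        unsafe, safe = build_filter_unsafe(value), build_filter_safe(value)
        print(f"input   {value!r}")
        print(f"  unsafe {unsafe}  changed={structure(unsafe) != BASELINE}")
        print(f"  safe   {safe}  changed={structure(safe) != BASELINE}")
```

A filter whose structure differs from the baseline means the input was interpreted as filter syntax instead of as a value; the escaped form keeps the baseline structure for every sample.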