Check if LDAP Injection would be an issue in Glim
Closed this issue · 2 comments
doncicuto commented
As @westurner suggests in #60, I'll check if LDAP Injection would affect Glim as I use Gorm for SQL operations (which would protect against SQL Injection)
Useful reference:
doncicuto commented
Wrong PR (typo), keeping open
doncicuto commented
As long as Glim gets LDAP statements user inputs and converts them into SQL queries managed by Gorm, this security issue should not affect Glim when serving LDAP requests. Will re-open if Glim LDAP support changes.