--On Monday, January 17, 2022 12:38 PM +0000 chinnac412@gmail.com wrote:
I am Using SearchControls constraints = new SearchControls(); NamingEnumeration answer = ctx.search("DC=YourDomain,DC=com", "sAMAccountName=" + username, constraints); when i Run the Varacode Dynamic scan i am getting the Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection') when i debug i can see { constraints } is printing Special Characters like example ( specila@345678) so any solution or else any other alternate way to use instead of SearchControls
This sounds like you're talking to Active Directory and not using the OpenLDAP C API. Thus I see nothing here in your question that relates to the OpenLDAP software. You likely need to contact either the authors of the API you are using or Microsoft, or both.
Regards, Quanah
--
Quanah Gibson-Mount Product Architect Symas Corporation Packaged, certified, and supported LDAP solutions powered by OpenLDAP: http://www.symas.com