github.com/stevenweathers/thunderdome-planning-poker is vulnerable to LDAP injection. Lack of an escape filter allows remote attackers to inject specially crafted values through UserName
parameter resulting in LDAP injection vulnerability. Successful attackers are able to read, modify or delete sensitive information from the directory service.