In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applicationsConsider updating to use ldapauth-fork 2.3.3 or greater as ldapauth has not yet been patched.
ldapauth versions <= 2.2.4 are vulnerable to ldap injection through the username parameter.
Source: Node Security Project