From the screenshot of the web page, the key information about the vulnerability can be summarized as follows: Vulnerability Title: Indirect LDAP injection via the ldap_uid attribute of a user when checking if it exists. Severity: Moderate (CVSS v3 base metrics score of 6.7). Affected Versions: - and , . Patched Versions: - , . - . Impact: Tuleap does not sanitize properly the search filter built from the identifier attribute of a user during the daily synchronization. This could lead to a malicious user forcing accounts to be suspended or taking over another account by forcing an update to an attribute related to the user. Patches: Available in Tuleap Community Edition 13.2.99.83, Tuleap Enterprise Edition 13.1-6, 13.2-4. CVE ID: CVE-2021-43782. Weaknesses: CWE-90. Description: A follow-up to GHSA-887W-PV22X-2 YanPad using IDOR in the context of insufficient filtering or validation of user-supplied input resulting in search filter injection. Additional Information: For questions or comments, refer to the Tuleap.org security page. This information is presented in an organized and readable format using markdown for clarity.