WeBid 1.1.1 allows remote malicious users to conduct an LDAP injection attack via the (1) js or (2) cat parameter.
webidsupport webid 1.1.1