We have web application. Testing team is performing security testing using third party tool and performs few LDAP attacks. As per that tool our web application is vulnerable for the LDAP Injection. Fact is that our web application do not interacts with LDAP server for any informaiton.
Will it be good idea to perform the LDAP attacks even though there is no LDAP server interaction in webapp?