How to exploit LDAP injection?

BurpSuite marked a website I am testing with having a potential LDAP injection vulnerability. It seems that when I put an asterisk in a parameter ex. getStuff?id=* I get a 500 error and Java error output. When I set it to something normal like 123 I get a 200 response (the page is just blank however). I’m not sure how I can further exploit this, maybe someone knows?