LDAP Injection
LDAP injection is a vulnerability that affects applications that use the Lightweight Directory Access Protocol (LDAP) for authentication, user lookup, or directory services. It occurs when user input is inserted into LDAP queries without proper escaping or validation. Attackers may alter query logic to bypass login controls, enumerate users, access directory attributes, or retrieve sensitive identity information. LDAP injection matters most in enterprise environments, where directory services support access control and identity management.
Login / Search Input Submitted → LDAP Query Modified → Authentication or Directory Logic Bypassed → Identity Data Exposed → LDAP Escaping Applied
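The flow above as an added Python example (not code from this page): the same search filter built by plain concatenation and then with RFC 4515 value escaping, so the difference in filter structure is visible. The uid/objectClass filter template, the function names and the sample inputs are constructed for illustration.

```python
# Added example: LDAP search-filter construction, concatenated vs. escaped.
# The filter template and sample inputs are constructed, not taken from the page.

# RFC 4515 section 3: inside an assertion value these characters must be
# written as a backslash followed by two hex digits.
_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}


def escape_filter_value(value: str) -> str:
    """Escape input so it can only be read as a literal value in a filter."""
    # Per-character mapping, so an existing backslash is escaped exactly once.
    return "".join(_ESCAPES.get(ch, ch) for ch in value)


def build_filter_unsafe(username: str) -> str:
    """Vulnerable pattern: input is concatenated straight into the filter."""
    return "(&(objectClass=person)(uid=" + username + "))"


def build_filter_safe(username: str) -> str:
    """Hardened pattern: the value is escaped before it reaches the filter."""
    return "(&(objectClass=person)(uid=" + escape_filter_value(username) + "))"


def has_filter_metachars(value: str) -> bool:
    """Validation/logging helper: does the input carry filter syntax?"""
    return any(ch in _ESCAPES for ch in value)


def structure(filter_text: str) -> tuple:
    """(number of parenthesised components, whether a live wildcard exists)."""
    return filter_text.count("("), "*" in filter_text


if __name__ == "__main__":
    # Constructed inputs: a normal login name, a bare wildcard, and a value
    # that tries to close the uid term and append another one.
    for sample in ["jsmith", "*", "jsmith)(cn=*"]:
        print(repr(sample), "metachars:", has_filter_metachars(sample))
        print("  unsafe:", build_filter_unsafe(sample), structure(build_filter_unsafe(sample)))
        print("  safe:  ", build_filter_safe(sample), structure(build_filter_safe(sample)))
```

In production code, prefer the directory library's own helper (for example ldap.filter.escape_filter_chars in python-ldap or ldap3.utils.conv.escape_filter_chars in ldap3) over a hand-written one. Values placed in a distinguished name need the separate RFC 4514 escaping rules, which this example does not cover.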
