Tag
cwe-90
Safeguard articles tagged "cwe-90" — guides, analysis, and best practices for software supply chain and application security.
3 articles
Application Security
LDAP injection: a technical primer and defense guide
LDAP injection is CWE-90, dates to the same root cause as SQL injection, and still shipped in production software as recently as CVE-2023-0476.
Jul 8, 20266 min read
Vulnerability Analysis
What is LDAP Injection
LDAP injection lets attackers manipulate directory queries to bypass authentication or dump directory data. Here's how it works, real CVEs, and how to stop it.
Mar 27, 20266 min read
Vulnerability Analysis
LDAP injection vulnerabilities explained
LDAP injection lets attackers manipulate directory filters to bypass authentication or dump data. Here's how CWE-90 attacks work and how to stop them.
Dec 10, 20256 min read