ldap-injection
Safeguard articles tagged "ldap-injection" — guides, analysis, and best practices for software supply chain and application security.
5 articles
LDAP injection: a technical primer and defense guide
LDAP injection is CWE-90, dates to the same root cause as SQL injection, and still shipped in production software as recently as CVE-2023-0476.
What is LDAP Injection
LDAP injection lets attackers manipulate directory queries to bypass authentication or dump directory data. Here's how it works, real CVEs, and how to stop it.
LDAP injection vulnerabilities explained
LDAP injection lets attackers manipulate directory filters to bypass authentication or dump data. Here's how CWE-90 attacks work and how to stop them.
LDAP Injection Attacks Explained
LDAP injection lets attackers bypass logins and enumerate Active Directory data via crafted filter syntax. Here's how it works, why it persists, and how to stop it.
LDAP Injection Prevention Guide
LDAP injection attacks manipulate directory service queries to bypass authentication, extract sensitive data, and enumerate user accounts. This guide covers attack techniques and practical defenses for applications using LDAP.