🧠 Description

LDAP Injection exploits applications that construct LDAP queries from user input. Attackers can modify query logic to access unauthorized directories or bypass authentication.

Impact: Directory Access, Authentication Bypass

💣 Payloads

*)(uid=*))(|(uid=*
admin)(&(password=*)
*)(objectClass=*
)(cn=*

🛡️ Mitigation

✅ Use parameterized LDAP queries

✅ Escape special characters

✅ Implement least privilege
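
Added example (not from the original page): a Python sketch of the "Escape special characters" mitigation using RFC 4515 filter escaping, run against the payload strings listed above. The function names and the objectClass=person / uid filter are assumptions chosen for illustration.

```python
# Added example: RFC 4515 escaping of values placed in an LDAP search filter.
# Function names and the person/uid schema are hypothetical.

# Characters RFC 4515 requires to be escaped inside an assertion value.
ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}

# The payload strings listed in the Payloads section of this page.
PAGE_PAYLOADS = ["*)(uid=*))(|(uid=*", "admin)(&(password=*)", "*)(objectClass=*", ")(cn=*"]


def escape_filter_value(value: str) -> str:
    """Replace each reserved character with its backslash-hex form."""
    return "".join(ESCAPES.get(ch, ch) for ch in value)


def naive_filter(username: str) -> str:
    """Vulnerable pattern: user input concatenated into the filter unchanged."""
    return "(&(objectClass=person)(uid=" + username + "))"


def safe_filter(username: str) -> str:
    """Hardened pattern: validate length, then escape before interpolation."""
    if not username or len(username) > 64:
        raise ValueError("username missing or too long")
    return "(&(objectClass=person)(uid=" + escape_filter_value(username) + "))"


def structure(ldap_filter: str) -> str:
    """Keep only live parentheses and wildcards, i.e. the shape of the query."""
    return "".join(ch for ch in ldap_filter if ch in "()*")


def compare(payloads):
    """Return (payload, naive_changed, safe_changed) relative to a benign lookup."""
    baseline = structure(safe_filter("alice"))
    return [
        (p, structure(naive_filter(p)) != baseline, structure(safe_filter(p)) != baseline)
        for p in payloads
    ]


if __name__ == "__main__":
    for payload, naive_changed, safe_changed in compare(PAGE_PAYLOADS):
        print(f"{payload!r}: naive altered={naive_changed}, escaped altered={safe_changed}")
        print("   ", safe_filter(payload))
```

In production code, prefer the escaping helper shipped with the LDAP library in use (for example ldap.filter.escape_filter_chars in python-ldap). Values placed in a distinguished name need the separate RFC 4514 escaping rules.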