LDAP injection manipulates LDAP queries through unsanitized user input — bypassing authentication or extracting directory information. Similar to SQL injection but targeting directory services.
Example: username = '*)(uid=*))(|(uid=*' can return all users. Prevention: input validation, use LDAP-safe libraries, parameterized queries. Less common than SQL injection but devastating in AD-integrated applications.
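The prevention measures above, shown against the quoted payload. This is an added example, not code from the original page: the filter template, the username allowlist and all function names are assumptions for illustration, and the escaping follows the RFC 4515 rules for filter values.

```python
import re

# RFC 4515 filter metacharacters and their backslash-hex escapes.
_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}

# Constructed allowlist for usernames (assumption, adjust to the directory's naming rules).
_USERNAME_RE = re.compile(r"[A-Za-z0-9._-]{1,64}")

# The payload quoted in the text above.
PAYLOAD = "*)(uid=*))(|(uid=*"


def escape_filter_value(value: str) -> str:
    """Escape a value so it is treated as literal data inside a filter."""
    return "".join(_ESCAPES.get(ch, ch) for ch in value)


def is_valid_username(value: str) -> bool:
    """Input validation: reject anything outside the allowlist."""
    return _USERNAME_RE.fullmatch(value) is not None


def build_filter_unsafe(username: str) -> str:
    # Vulnerable: input is concatenated straight into the filter.
    return "(&(uid=" + username + ")(objectClass=person))"


def build_filter_safe(username: str) -> str:
    # Hardened: metacharacters are hex-escaped before concatenation.
    return "(&(uid=" + escape_filter_value(username) + ")(objectClass=person))"


def structure(filter_str: str) -> tuple:
    """Count live metacharacters: (open parens, close parens, wildcards)."""
    return (filter_str.count("("), filter_str.count(")"), filter_str.count("*"))


if __name__ == "__main__":
    for name in ("alice", PAYLOAD):
        print(repr(name), "valid:", is_valid_username(name))
        print("  unsafe:", build_filter_unsafe(name), structure(build_filter_unsafe(name)))
        print("  safe:  ", build_filter_safe(name), structure(build_filter_safe(name)))
```

With the escaped builder the filter keeps the same parenthesis and wildcard counts as the template regardless of input, which is a useful invariant to assert in unit tests.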