Which of the following is a type of injection flaw mentioned?

Prepare for the PCI Approved Scanning Vendor (ASV) Test. Study with flashcards, multiple choice questions, hints, and explanations. Get exam ready!

Multiple Choice

Explanation:
Injection flaws occur when untrusted input is treated as part of a command or query by an interpreter. LDAP injection is the specific case where that input is used to build an LDAP query or search filter. If an attacker injects LDAP syntax into the input, they can alter the query’s logic, potentially bypassing authentication or revealing data from the directory. For example, a login form that builds a filter like (&(uid=USER)(userPassword=PASS)) from user input can be manipulated if the input contains special LDAP characters, allowing the attacker to modify or broaden the search. That’s why LDAP Injection is the correct choice: it directly represents the injection flaw type relevant to LDAP queries. Cross-Site Scripting is another injection-related vulnerability but targets script execution in a web page, while Buffer Overflow and Improper Error Handling describe other categories of issues.
