Arbitrary HTML Injection in NetIQ Designer for Identity Manager before 4.5.3

Arbitrary HTML Injection in NetIQ Designer for Identity Manager before 4.5.3

CVE-2015-0787 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

XSS in NetIQ Designer for Identity Manager before 4.5.3 allows remote attackers to inject arbitrary HTML code via the accessMgrDN value of the forgotUser.do CGI.

Learn more about our User Device Pen Test.