CVE-2015-0787

Name of the Vulnerable Software and Affected Versions NetIQ Designer for Identity Manager versions prior to 4.5.3

Description The issue allows remote attackers to inject arbitrary HTML code, potentially leading to security breaches. This is achieved by manipulating the accessMgrDN value of the "forgotUser.do" CGI endpoint.

Recommendations For versions prior to 4.5.3, update to version 4.5.3 or later to resolve the issue. As a temporary workaround, consider restricting access to the "forgotUser.do" CGI endpoint to minimize the risk of exploitation.