CVE-2015-6945

Name of the Vulnerable Software and Affected Versions JSP/MySQL Administrador Web version 1

Description A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via the bd parameter to "sys/sys/listaBD2.jsp" API endpoint. This could potentially lead to unauthorized actions on the affected web application.

Recommendations For JSP/MySQL Administrador Web version 1, consider restricting access to the "sys/sys/listaBD2.jsp" endpoint until a patch is available, and avoid using the bd parameter in this endpoint to minimize the risk of exploitation.