CVE-2006-5036 - Micrological Issues
Description
DISPUTED MySource Matrix 3.8 and earlier and MySource 2.x allow remote attackers to use the application as an HTTP proxy server via the sq_remote_page_url parameter to access arbitrary sites with the server’s IP address and conduct cross-site scripting (XSS) attacks. NOTE: the researcher reports that \The vendor does not consider this a vulnerability.\
Reference
http://www.aushack.com/advisories/200607-mysourcematrix.txt http://secunia.com/advisories/22060 http://securityreason.com/securityalert/1635 https://exchange.xforce.ibmcloud.com/vulnerabilities/29112 mysource-sqremotepageurl-xss(29112) http://www.securityfocus.com/archive/1/446722/100/0/threaded 10k.txt LICENSE README.md adj.txt animals.txt currentfiles cvefilelist noun.txt nvdcve nvdpages.sh scripts tmpvendorlinks DISPUTED 10k.txt LICENSE README.md adj.txt animals.txt currentfiles cvefilelist noun.txt nvdcve nvdpages.sh scripts tmpvendorlinks MySource Matrix 3.8 and earlier and MySource 2.x allow remote attackers to use the application as an HTTP proxy server via the sq_remote_page_url parameter to access arbitrary sites with the server’s IP address and conduct cross-site scripting (XSS) attacks. NOTE: the researcher reports that \The vendor does not consider this a vulnerability.\