← Back

CVE-2006-5037

nvd nist
Published: Sep 27, 2006Modified: Apr 23, 2026

JSON object

Loading...
6.8
Vector
AV:N/AC:M/Au:N/C:P/I:P/A:P
Exploitability: 8.6 / Impact: 6.4
Source: NVD

Description

MySource Matrix after 3.8 allows remote attackers to use the application as an HTTP proxy server via a MIME encoded URL in the sq_content_src parameter to access arbitrary sites with the server's IP address and conduct cross-site scripting (XSS) attacks. NOTE: the researcher reports that "The vendor does not consider this a vulnerability.

Affected (8)

Squiz
1 product
Mysource Matrix
Configuration A
8 vulnerable
Vulnerable SoftwareAffected Versions
Squiz
Mysource Matrix
Version 3.10.1
Mysource Matrix
Version 3.10
Mysource Matrix
Version 3.8.2
Mysource Matrix
Version 3.8.3
Mysource Matrix
Version 3.8.4
Mysource Matrix
Version 3.8.5
Mysource Matrix
Version 3.8.6a
Mysource Matrix
Version 3.8

References (8)

Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Vendor Advisory
Source: cve@mitre.org
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.