CVE-2006-5036

Name: CVE-2006-5036
Creator: NVD / NIST
Published: 2006-09-27T23:07:00+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 1.25%

Last modified Jun 16, 2026

CVE-2006-5036 is a vulnerability of currently unknown severity. MySource Matrix 3.8 and earlier, and MySource 2.x, allow remote attackers to use the application as an HTTP proxy server via the sq_remote_page_url parameter to access arbitrary sites with the server's IP address and conduct cross-site scripting (XSS) attacks. NOTE: the researcher reports that "The vendor does not consider this a vulnerability.. EPSS estimates a 1.25% chance of exploitation in the next 30 days.

Description

MySource Matrix 3.8 and earlier, and MySource 2.x, allow remote attackers to use the application as an HTTP proxy server via the sq_remote_page_url parameter to access arbitrary sites with the server's IP address and conduct cross-site scripting (XSS) attacks. NOTE: the researcher reports that "The vendor does not consider this a vulnerability.

Metrics

EPSS Probability

1.25%

65.7th percentile

Probability of exploitation in the next 30 days. Learn more

Affected Software

Vendor	Product	Versions
Squiz	Mysource Classic	<= 2.16.2
Squiz	Mysource Matrix	<= 3.8

References

Timeline

Published: Sep 27, 2006
Last Modified: Jun 16, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2006-5036?

How severe is CVE-2006-5036?

Severity scoring for CVE-2006-5036 is pending analysis. The EPSS model estimates a 1.25% probability of exploitation in the next 30 days.

How do I fix CVE-2006-5036?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2006-5036?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST