http://stackoverflow.com/questions/820310/risk-of-using-apache-mod-proxy
I am now exploring to use Apache's mod_proxy's directive, eg ProxyPass, as part of solution for cross-domain scripting restriction (for html/ajax/flash code). However, I am afraid by enabling mod_proxy, I would risk having the server as open proxy.
What's the risk, and how to minimize the risk, in short?
Since you specifically mentioned ProxyPass, I'll assume you're using mod_proxy as a reverse proxy.