ANATOLIA SECURITY ADVISORY --------------------------- ### ADVISORY INFO ### + Title: OverLook Cross-site Scripting + Advisory URL: http://anatoliasecurity.com/Blog/Detay.aspx?bId=2 + Advisory ID: 2010-002 + Version: v5.0 + Date: 06/10/2010 + Impact: Execute Malicious Javascript Codes + CWE-ID: 79 + Credit: Anatolia Security ### VULNERABLE PRODUCT ### + Description: "Overlook is a modern system of communication licensed of GPL (GNU Public License), which puts at disposal by the user the webmail and webcalendar functionalities.Since the release of the version in November 2006, downloads have exceeded the threshold of 2.000, transforming Overlook on one of the most popular groupware applications." + Homepage: http://www.openit.it + Download: http://www.openit.it/index.php?option=com_jdownloads&Itemid=87&task=viewcategory&catid=3&lang=en ### VULNERABILITY DETAILS ### + Description: "title.php" gets "frame" parameter with sqgetGlobalVar function. sqgetGlobalVar function apply decodeHTML function to variable. This function decode HTML tags so its make a chance to succesfull exploitation with some browser (e.g. Mozilla Firefox encodes HTML tags). After that application include "frame" variable into inline javascript code. + Exploit/POC: http://www.anatoliasecurity.com/exploits/overlook-xss-poc.txt
