OverLook Cross-site Scripting Vulnerability

[advisory () anatoliasecurity com]

ANATOLIA SECURITY ADVISORY
---------------------------

### ADVISORY INFO ###
+ Title: OverLook Cross-site Scripting
+ Advisory URL: http://anatoliasecurity.com/Blog/Detay.aspx?bId=2
+ Advisory ID:  2010-002
+ Version: v5.0
+ Date: 06/10/2010
+ Impact: Execute Malicious Javascript Codes
+ CWE-ID: 79 
+ Credit: Anatolia Security 



### VULNERABLE PRODUCT ###
+ Description: "Overlook is a modern system of communication licensed of GPL (GNU Public License), which puts at 
disposal by the user the webmail and webcalendar functionalities.Since the release of the version in November 2006, 
downloads have exceeded the threshold of 2.000, transforming Overlook on one of the most popular groupware 
applications."
+ Homepage: http://www.openit.it
+ Download: http://www.openit.it/index.php?option=com_jdownloads&Itemid=87&task=viewcategory&catid=3&lang=en



### VULNERABILITY DETAILS ###
+ Description: "title.php" gets "frame" parameter with sqgetGlobalVar function. sqgetGlobalVar function apply 
decodeHTML function to variable. This function decode HTML tags so its make a chance to succesfull exploitation with 
some browser (e.g. Mozilla Firefox encodes HTML tags). After that application include "frame" variable into inline 
javascript code.

+ Exploit/POC: http://www.anatoliasecurity.com/exploits/overlook-xss-poc.txt