Froogle/GMail Vulnerability

"An Israeli hacker has uncovered a flaw in Froogle, Google's price-comparison service, which could allow access to users' Gmail accounts. Nir Goldshlager, who discovered the flaw, warned that URL-embedded Javascript could end up causing personal information to be revealed.If users execute the script by clicking a link, they would be redireted to a malicious website. From there, hackers can read a user's cookie. It may contain personal information, such as purchase histories, or the username and password used to access Google services - such as Gmail."-- David Bennett, Froogle/Gmail Hack Warning,

(via BlogoScoped)