Gmail XSS?

[Denzity <denzity () gmail com>]

There's reports of a gmail xss in the wild that will steal someone's contact
list and email if they website is visited while being logged in to gmail.

http://cyber-knowledge.net/blog/2007/01/01/gmail-vulnerable-to-contact-list-hijacking/

I can't find this on Bugtraq or any release. Anyone have any more info or a
PoC?

Thanks, Denzity.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/